In association with heise online

17 January 2012, 10:52

T-Mobile USA hacked

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

T-Mobile USA logo A group of hackers that goes by the name "TeaMp0isoN" claims to have obtained access credentials belonging to staff at US Deutsche Telekom subsidiary T-Mobile USA. To back up their claim, the hackers posted data to the Pastebin anonymous text hosting service. One member of the group told Softpedia that the hack involved exploiting SQL injection vulnerabilities on the and web sites.

According to T-Mobile, the problem was limited to the T-Mobile USA newsroom. This claim seems plausible, with spot testing by The H's associates at heise Security finding that the published credentials did indeed belong to newsroom staff. This would limit the scale of any problems arising as a result – the intruders may be able to publish fake press releases. Based on the information provided, private customer data was never at risk.

Most of the passwords consist of a simple six-digit number composed of two numbers repeated such as "112112". T-Mobile USA says that it has now fixed the vulnerabilities.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit