A major attack on US telecoms occurred as T-Mobile was hacked by Chinese cyber espionage.

The telecom industry is a prime target for cybercriminals due to the sensitive data it stores. Carriers have access to personal information such as web searches, website visits, phone calls, and text messages. This data is valuable not only to hackers but also to governments. As a result, T-Mobile, a US phone giant, was hacked as part of a recent cyberattack on domestic and international phone and internet companies.

Sign up for my free newsletter to receive a $500 gift card for the holidays!

What you need to know

A major Chinese cyber-espionage operation targeted multiple U.S. and international telecommunications companies, including T-Mobile, resulting in a network compromise, according to a report citing sources familiar with the matter.

T-Mobile was targeted by hackers linked to a Chinese intelligence agency in a months-long attempt to monitor the cellphone communications of high-value intelligence targets. Despite the report's findings, the exact date of the attack is unknown, and it is unclear whether any customer data was compromised.

This month, the U.S. government confirmed that Chinese hackers had breached multiple U.S. telecommunications service providers to gain access to wiretap systems used by law enforcement for surveillance of Americans. These wiretap systems enable law enforcement agencies to monitor phone calls, text messages, and internet communications as part of investigations, typically with a warrant.

The FBI and CISA issued a joint statement announcing a major cyber espionage campaign involving PRC-affiliated hackers who breached networks at multiple US telecommunications companies. Although the agencies did not specify which companies were affected, reports suggest that T-Mobile, AT&T, Lumen (formerly CenturyLink), and Verizon may have been targeted.

In October, the Wall Street Journal reported that Chinese hackers had been accessing networks for months or longer, allowing them to gather internet traffic from a wide range of businesses and millions of American customers.

T-Mobile’s many data breaches

In 2021, a hacker breached T-Mobile's lab environment by posing as a legitimate connection to an unidentified piece of equipment. The hacker guessed passwords for multiple servers and moved laterally through the network, ultimately stealing personal data, including names, addresses, Social Security numbers and driver's license IDs, from tens of millions of customers.

In 2022, T-Mobile suffered another breach as a malicious actor employed SIM-swapping, phishing, and other techniques to gain access to the company's internal platform for managing mobile resellers that serve T-Mobile customers.

In 2023, T-Mobile faced multiple security breaches. First, hackers gained access to a remote viewing application for customer data using phished credentials from employees. Then, in January, a misconfigured API exposed personal data for 37 million customers, adding to the company's security woes.

T-Mobile’s response

T-Mobile spokesperson stated that the company is closely monitoring the latest industry-wide attack, and despite its security controls, network structure, and diligent monitoring and response, it has not experienced any significant impacts to its systems or data. The company has no evidence of access or exfiltration of any customer or other sensitive information, as other companies may have experienced. T-Mobile will continue to closely monitor this attack, collaborate with industry peers and the relevant authorities.

5 ways to stay safe amid the rise in telecom data breaches

Regularly update your passwords, especially for telecom accounts and related services, using strong, unique passwords that include a mix of letters, numbers, and symbols. Password managers can assist you in generating and securely storing these passwords.

Consider using data removal services to reduce the risk of your personal information being exploited in cyberattacks after a breach. Here are my top picks for such services.

Protect yourself from identity theft by using services that monitor your accounts, alert you to potential threats, and can assist in resolving issues if your data is compromised. Check out my tips and best picks for identity theft protection.

Secure your telecom accounts with an additional layer of protection by enabling two-factor authentication (2FA). This security measure requires a second form of verification, such as a text code or an app-based prompt, making it more difficult for hackers to access your accounts even if they have your password.

Protect yourself from phishing scams by using robust antivirus software: Be wary of unexpected messages or calls that request personal information or access to your accounts. Legitimate companies won't ask for sensitive details in this manner. If something seems suspicious, contact your service provider through official channels. Above all, avoid clicking on links, as they may lead to fraudulent activities or malware.

To safeguard yourself from malicious links and protect your private information, it is recommended to install strong antivirus software on all your devices. This software can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. If you're looking for the best antivirus protection for your Windows, Mac, Android, and iOS devices in 2024, check out my top picks.

Kurt’s key takeaway

T-Mobile and AT&T are often targeted by hackers, resulting in the theft of millions of Americans' data, including call records, text messages, and personal details. The FCC intervened and fined T-Mobile $30 million, split between a penalty of $15 million and a mandatory investment in better security. Despite this, if the companies responsible for your data continue to be breached, there may be limited actions you can take.

Should telecom companies face stricter consequences instead of fines and penalties, or are the current consequences sufficient as a deterrent? Share your thoughts by writing to Cyberguy.com/Contact.

To receive my tech tips and security alerts, sign up for my free CyberGuy Report Newsletter at Cyberguy.com/Newsletter.

Let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.