Skip to content

T-Mobile thwarts early-stage Chinese cyber intrusion

  • by
  • 2 min read

T-Mobile successfully thwarted a cyber incident that likely originated from China, ensuring no impact on user devices or data exposure. Hackers gained unauthorised access to a limited number of T-Mobile routers. The intrusion also included reconnaissance activities aimed at penetrating deeper into the network.

However, the company’s cyber security team detected and removed the attackers promptly, presenting further escalation, reports Bloomberg.

While T-Mobile has not yet attributed the attack to any specific entity, the incident resembled the methods used by Salt Typhoon, a Chinese state-sponsored hacking group that has recently targeted U.S. telecommunication networks.

T-Mobile assured that customer data remained secure throughout the incident. In a public statement, the company reiterated, “We have not seen significant impacts to T-Mobile systems or data, and have no evidence of impacts to or exfiltration of any customer information.”

The breach aligns with a larger pattern of attacks on U.S. telecommunications companies. Just last week, U.S. officials revealed that Chinese state-backed hackers had launched a “broad and significant cyber-espionage campaign” targeting multiple telecom firms, including AT&T, Verizon, and Lumen Technologies.

These intrusions aimed to steal call records and compromise sensitive communications, with government officials and political figures reportedly among the targets.

Missouri Senator Josh Hawley highlighted the scope of the campaign during a Senate hearing, claiming the hackers may have accessed communications involving Vice President Kamala Harris’s staff and other prominent officials.

The attacker reportedly manipulated Cisco Systems Inc. routers to siphon off data from targeted networks.

Responding to accusations, Chinese Foreign Ministry spokesperson Lin Jian dismissed the claims as politically motivated disinformation, stating, “We have no interest in interfering in other countries’ internal affairs through cyberspace.”

In June 2024, the IntelBroker threat actor claimed to have breached T-Mobile. However, the company quickly denied the allegations. In April, the Federal Communications Commission (FCC) imposed $200 million on Verizon, AT&T, T-Mobile, and Sprint for unlawfully collecting user data without consent.

In the News: Large location data sold by brokers exposes US military secrets

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>