Unusual activity on T-Mobile network devices reportedly alerted the company to a breach.
And as Bloomberg News reported Wednesday (Nov. 27), it is possible that breach was part of a larger cyber-spy network, raising stark questions about the safety of crucial mobile networks.
Jeff Simon, T-Mobile’s chief security officer, told Bloomberg that while the behavior was not “inherently malicious,” it was odd enough to capture the attention of the company’s network engineers. These engineers had in recent weeks seen unauthorized users running commands on the company’s network devices, appearing to probe the structure of the network.
The engineers kicked the bad actors off the network before they made it deeper inside or accessed customer data, the report added.
“That was what initially clued us into some suspicious behavior, discovery-type commands being run on some of our routers and commands that have been known to be related to Salt Typhoon,” Simon said, referring to the hacking network allegedly backed by China.
The Chinese government has maintained it is not involved in those attacks.
The Bloomberg report notes that T-Mobile is the first carrier to publicly present a profile of markers potentially associated with Salt Typhoon, which has been accused of a “broad and significant” hacking campaign targeting multiple telecommunications companies.
The report confirms a Wall Street Journal story from earlier this month about a breach at T-Mobile, citing unnamed sources.
“T-Mobile is closely monitoring this industry-wide attack,” the company said in a statement issued to PYMNTS at the time.
“Due to our security controls, network structure and diligent monitoring and response we have seen no significant impacts to T-Mobile systems or data. We have no evidence of access or exfiltration of any customer or other sensitive information as other companies may have experienced. We will continue to monitor this closely, working with industry peers and the relevant authorities.”
In other cybersecurity news, PYMNTS on Wednesday explored the evolving role of the chief risk officer in a conversation with Regina Lewie, who holds that position at Corporate One Federal Credit Union.
“The speed of change is what stands out the most,” Lewie said.
“Risk leaders have to quickly identify and manage risks in an environment that’s more complex than ever. There are so many new players in financial services, new payment channels, and the speed of information — it can be both good and bad. A single event can ripple through the markets, requiring us to react, even if it doesn’t directly affect us.”