T-Mobile was reportedly hacked in a recent cyberespionage attack on American and international telecommunications companies.
Hackers with ties to a Chinese intelligence agency were able to get into the T-Mobile network as part of a monthslong effort to spy on the cellular communications of high-value intelligence targets, The Wall Street Journal (WSJ) reported Friday (Nov. 15), citing sources familiar with the matter.
The report added that it’s not clear what if any, information about T-Mobile customers’ calls and communications records was taken in the breach.
In a statement emailed to PYMNTS, T-Mobile said the hackers didn’t gain access to customer or other sensitive data:
“T-Mobile is closely monitoring this industry-wide attack. Due to our security controls, network structure and diligent monitoring and response we have seen no significant impacts to T-Mobile systems or data. We have no evidence of access or exfiltration of any customer or other sensitive information as other companies may have experienced. We will continue to monitor this closely, working with industry peers and the relevant authorities.”
According to the WSJ report, the breach is part of a broader cyberespionage campaign by Chinese hackers — known as Salt Typhoon — that some U.S. officials argue could be historic and catastrophic in scale and severity.
The campaign has already targeted AT&T, Verizon and Lumen Technologies. Sources told WSJ that Salt Typhoon infiltrated U.S. telecom infrastructure through vulnerabilities including Cisco Systems routers, and may have used technologies such as artificial intelligence or machine learning to bolster operations.
Hackers were able to break into cellphone lines used by a range of senior national security and policy officials throughout the U.S. government, as well as some politicians. Once inside, the hackers could access call logs, unencrypted texts and some audio from targets, something that could have a major impact on national security, investigators said.
The news comes at the tail end of a year that has seen several high-profile cyberattacks. And after one of the more recent incidents — involving grocery giant Ahold Delhaize — PYMNTS asked the question: Are retailers equipped to handle evolving cyberthreats?
“With cyberattacks now possible at a scale many businesses may not be equipped to address, companies must prioritize security from the top down,” that report said. “A robust cybersecurity strategy involves continual training, layered security protocols, and an incident response plan that is regularly tested.”
And in an era where a click or a tap makes the difference between landing or losing a sale, cybersecurity is a key factor in how customers perceive and trust a brand.
“Retailers must view cybersecurity as a continuous journey, requiring investment in artificial intelligence-driven fraud detection and partnerships with cybersecurity experts who can provide updates, insights and rapid responses when incidents occur,” that report said.