“We’re fully committed to take our security efforts to the next level as we work to rebuild trust…”
On Friday, Aug. 27, T-Mobile CEO Mike Sievert finally answered all the questions regarding the recent T-Mobile data breach.
In his blog post on the site, the CEO accepted that they had mistakes in their security. He said that the recent attack was a “humbling” experience for the telecommunications network. To solve the issues and put more protection for their system, Sievert announced partnering with a security firm, Mandiant.
What T-Mobile is doing now
In a blog post entitled: “The Cyberattack Against T‑Mobile and Our Customers: What happened, and what we are doing about it,” T-Mobile CEO explained the elephant in the room. What is T-Mobile doing now to protect its users?
In his long post, Sievert reiterated that the investigation on the incident is now “substantially complete.” He said that the company is “disappointed and frustrated” over the recent breach.
As reported by Tech Visibility, more than 50 million T-Mobile users had their information compromised by a 21-year-old hacker who claimed they’re responsible for the attack. The hacker said that the T-Mobile security system was “awful.” The unidentified hacker further explained that he accessed the database from a “publicly exposed router.”
On the other hand, T-Mobile CEO said that the hacker “leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.”
Simply debunking the hacker’s opinion that it was easy to get past T-Mobile’s security protocol.
Sievert further highlighted the company’s actions to protect its users from getting their identities stolen. He said that the process is not easy and that many things are needed to be improved on their system.
There is much work to do, and this will take time, and we remain committed to doing our best to ensure those who had information exposed feel informed, supported, and protected by T-Mobile.
Mandiant security firm
Now, that T-Mobile is accepting that there is still a need for security improvement on their system. The company announced partnering with the “industry-leading cybersecurity experts” at Mandiant, and with consulting firm KPMG LLP.
T-Mobile said that they have a “multi-year investment” with the security firm to make their “cybersecurity efforts to the next level.” It reiterated that they are doing these actions to make sure that the data breach will not happen again in the future.
As said on their website, Mandiant Threat Intelligence provides solutions that protect and defend organizations against cyber security attacks. They claim that their company has been more than 15 years in industry and they have over 900 analysts and researchers. The company has been offering these services since 2004.
What users can do about the attack
For now, T-Mobile is:
- offering two years of free identity protection services with McAfee’s ID Theft Protection Service to all persons who may have been affected
- recommending customers sign up for T-Mobile’s free scam-blocking protection through Scam Shield
- making Account Takeover Protection available for postpaid customers, which makes it more difficult for customer accounts to be fraudulently ported out and stolen
- suggesting other best practices and practical security steps like resetting PINs and passwords for all customers.