T-Mobile confirms that its network has been hit by Chinese hackers
- T-Mobile has been added to the list of victims of the Salt Typhoon
- Salt Typhoon has focused heavily on the telecommunications sector
- No evidence was found indicating access to customer data
T-Mobile has joined the growing list of US telecom operators affected by Salt Typhoon.
The company confirmed this in a statement to the newspaper Wall Street Journal that although a breach had occurred, there was no evidence that the attackers had accessed or exfiltrated customer data.
“T-Mobile is closely monitoring this industry-wide attack, and at this time, T-Mobile’s systems and data have not been affected in any significant way, and we have no evidence of any impact to customer information. We will continue to monitor this closely, in collaboration with industry peers and the relevant authorities,” the company said in a statement.
Salt typhoon continues its attack
Salt Typhoon launched a broad attack on US and Canadian telecommunications companies and internet service providers in what is believed to be a critical infrastructure mapping and espionage campaign.
The FBI recently confirmed that the group had successfully accessed networks and private communications of members of the US government.
The US government through the Consumer Financial Protection Bureau (CFPB) has also issued a warning to its employees to avoid using personal cell phones for work purposes, stating: “While there is no evidence that CFPB is targeting this unauthorized access , I ask for your compliance with these guidelines so that we reduce the risk of being compromised.”
In a further statement to BleepingComputerT-Mobile added: “Thanks to our security controls, network structure and careful monitoring and response, we have not seen any significant impacts to T-Mobile’s systems or data. We have no evidence of access to or exfiltration of customer or other sensitive information, as other companies may have experienced.”
The group is widely recognized as a Chinese state-sponsored threat actor and the campaign is thought to be aimed at mapping future attacks and hunting for vulnerabilities.
Other telecommunications companies hit by the same campaign include AT&T, Lumen Technologies and Verizon, with the attackers potentially having access to customer data and networks for several months. A network used by US authorities to submit requests under court orders was also breached.
An overview of T-Mobile burglaries by BleepingComputer calls this the ninth since 2019, during which the company has suffered a number of data breaches, attacks and extortion attempts.
