Well this is encouraging!
T-Mobile's security is "awful" says hacker who stole data from 50M customers.
He would know, I guess.
John Binns, a 21-year-old American who lives in Turkey, told The Wall Street Journal that he is responsible for the attack. Binns said that he discovered an unprotected router in July after scanning T-Mobile's known internet addresses for weak spots.
He used the unprotected router to access T-Mobile's data center located in Washington, where stored credentials provided him access to over 100 servers. He said he initially panicked because he "had access to something big," and went on to claim that T-Mobile's "security is awful."
It took him about a week to sort through the servers to find the personal data on millions of customers, and he downloaded the data on August 4. On August 13, T-Mobile was informed that someone was selling T-Mobile customer data, and T-Mobile confirmed the breach just days later.
Awesome. A round of applause for everyone involved. And perhaps some raises/bonuses for the T-Mobile tech/security crew?
Affected T-Mobile customers can receive two years of free identity protection services through McAfee's ID Theft Protection Service and can implement Account Takeover Protection features.
Of course they can. Never let a good opportunity go to waste, ladies and gents.
You know, if I were the cynical type - okay, I am - I'd kinda wonder if a bunch of shitheads were in cahoots on all this at some level. 1) create a problem 2) offer a "solution" for said problem 3) high-fives/drinks