Although no sensitive data was accessed, T-Mobile, a U.S. cellular service provider, reported that it had recently discovered efforts by malicious actors to breach its networks in recent weeks. “A wireline provider’s network that was connected to ours” was the source of these infiltration attempts, according to a statement from T-Mobile Chief Security Officer Jeff Simon. “We see no instances of prior attempts like this.”
The business added that threat actors were unable to interfere with its services or steal consumer data because of its security measures. Since then, it has acknowledged that it disconnected from the network of the unidentified supplier. Although it stated that it had shared its findings with the U.S. government, it did not specifically link the activity to any known threat actor or group.
Simon told Bloomberg that the organization saw the attackers using commands linked to discovery on routers to examine the network’s topography. Simon also added that the attacks were stopped before they spread laterally throughout the network. The first business to openly admit the hacking attack was T-Mobile.
The development follows reports that, as part of an intelligence gathering campaign, a cyber espionage group with ties to China, known as Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286), targeted several U.S. telecom companies, including AT&T, Verizon, and Lumen Technologies.
“Simply put, our defenses worked as designed โ from our layered network design to robust monitoring and partnerships with third-party cyber security experts and a prompt response โ to prevent the attackers from advancing and, importantly, stopped them from accessing sensitive customer information,” Simon stated. “Other providers may be seeing different outcomes.”
