WSJ: 21-Year-Old T-Mobile Hacker Says ‘Their Security Is Awful’

T-Mobile Chief Operating Officer Mike Sievert speaks at the Quibi keynote address January
ROBYN BECK/AFP via Getty Images

In a recent exclusive interview, the Wall Street Journal spoke to the 21-year-old behind the recent T-Mobile hack that saw the data of 50 million customers stolen. The hacker claims that Generating noise was one goal.”

In a recent interview titled “T-Mobile Hacker Who Stole Data on 50 Million Customers: ‘Their Security Is Awful’,” the Wall Street Journal spoke to the 21-year-old American hacker behind the recent hack of T-Mobile that saw the data of 50 million customers stolen.

The Associated Press

Colorful T-Mobile CEO leaving, even as Sprint deal not done

21-year-old John Binns moved to Turkey a few years ago and has claimed responsibility for the hack. Binns has reportedly used various online aliases since 2017 and communicated with the WSJ via the secure messaging app Telegram where he discussed details of the hack before they were publicly known.

The latest breach marks the third major customer data leak that T-Mobile has publicly disclosed in just the past two years. T-Mobile is the second-largest U.S. mobile carrier with around 90 million cellphones connecting to its network.

Binns told the WSJ that he gained access to T-Mobile’s network after discovering an unprotected router exposed on the internet. He began scanning T-Mobile’s known internet addresses for weak spots and did so to gain attention. He told the WSJ: “Generating noise was one goal.” He did not say whether he sold any of the data stolen in the hack or if he was paid to breach the T-Mobile systems.

The WSJ discussed details of Binn’s life, writing:

Mr. Binns said he grew up in northern Virginia with his Turkish mother. His father died in 2002 when Mr. Binns was two years old, according to a newspaper article and a published obituary.

He attended McLean High School in 2015 and 2016, according to the school’s yearbooks. He was estranged from his father’s family and moved with his mother to Izmir, Turkey, shortly after his 18th birthday, according to a person familiar with the matter.

Binns allegedly contacted a relative in the United States last year, alleging that he was a computer expert that had been kidnapped and placed in a mental institute against his will. He told the WSJ stories of being abducted in Germany and placed in a fake mental hospital. Binns told the WSJ: “I have no reason to make up a fake kidnapping story and I’m hoping that someone within the FBI leaks information about that.”

Binns sued the Central Intelligence Agency, the Federal Bureau of Investigation, and other federal agencies in 2020 in an attempt to compel them to fulfill a federal record request that he made for information about FBI investigations of botnet attacks. The case is still active in the U.S. District Court for the District of Columbia, all agencies have denied Binns’ allegations in past court filings.

The WSJ writes:

Mr. Binns told the Journal he first learned to find zero-days—previously undisclosed software flaws—by figuring out cheats for videogames such as “Minecraft,” “Arma” and “DayZ.” He said he found the zero-day that other hackers used to create Satori, a botnet-building virus that infects unprotected home routers, but denied writing any of the Satori code. “There are people who are way more skilled than I am,” he wrote.
The August hack of T-Mobile stole an array of personal details from more than 54 million customers, according to the company’s latest tally. Some customers had their names, Social Security numbers and birth dates exposed. Another batch of data included IMEI and IMSI numbers tied to users’ phones, which other attackers could use as a starting point to take control of victims’ phone lines.

Read more at the Wall Street Journal here.

Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address lucasnolan@protonmail.com

COMMENTS

Please let us know if you're having issues with commenting.