Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label T-Mobile. Show all posts
Verizon
911 service AT&T Consumer Cellular customer complaints Cyber Security Downdetector FBI mobile phone Outage service interruptions T-Mobile USCellular Verizon

Cell Service Restored Following Extensive AT&T Outage

 

AT&T has resolved issues affecting its mobile phone customers following widespread outages on Thursday, according to a company announcement.Throughout the day, tens of thousands of cell phone users across the United States reported disruptions.

Reports on Downdetector.com, a platform monitoring outages, indicated instances of no service or signal after 04:00 EST (09:00 GMT).

AT&T issued an apology to its customers and confirmed that services were fully operational again by early afternoon. The company stated its commitment to taking preventive measures to avoid similar incidents in the future. The cause of the outage is currently being investigated.

Verizon and T-Mobile informed the BBC that their networks were functioning normally. However, they acknowledged that some customers may have experienced service issues while attempting to communicate with users on different networks.

According to Downdetector, AT&T received over 74,000 customer complaints, with significant clusters in southern and eastern regions of the country.

Smaller carriers like Cricket Wireless, UScellular, and Consumer Cellular also reported interruptions in service. Complaints ranged from difficulties with calls, texts, to internet access, with many users reporting no service or signal.

Downdetector's data showed that major cities including Los Angeles, Chicago, Houston, and Atlanta experienced high numbers of outages.

Some individuals also faced challenges with 911 services, prompting officials to advise the use of landlines, social media, or cell phones from alternative carriers in emergencies.

The widespread outage has garnered the attention of the US government, with the FBI and Department of Homeland Security launching investigations, as confirmed by John Kirby, spokesperson for the US National Security Council.

Eric Goldstein, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, stated that they are collaborating with AT&T to understand the root cause of the outage and are ready to provide assistance as necessary.

Although a confidential memo reported by ABC News suggested no signs of malicious activity, CISA officials are actively investigating the incident.
Read more »
Unauthorized access
Android Applications API Bug Data Breach Private Information T-Mobile Technical Glitch Unauthorized access

T-Mobile App Glitch Exposes Users to Data Breach

A recent T-Mobile app bug has exposed consumers to a severe data breach, which is a disturbing revelation. This security hole gave users access to sensitive information like credit card numbers and addresses as well as personal account information for other users. Concerns regarding the company's dedication to protecting user data have been raised in light of the event.

On September 20, 2023, the problem reportedly appeared, according to reports. Unauthorized people were able to examine a variety of individual T-Mobile customer's data. Along with names and contact information, this also included extremely private information like credit card numbers, putting consumers at risk of loss of money. 

T-Mobile was quick to respond to the incident. A company spokesperson stated, "We take the security and privacy of our customers very seriously. As soon as we were made aware of the issue, our technical team worked diligently to address and rectify the glitch." They assured users that immediate steps were taken to mitigate the impact of the breach.

Security experts have highlighted the urgency of the situation. Brian Thompson, a cybersecurity analyst, emphasized, "This incident underscores the critical importance of robust security protocols, particularly for companies handling sensitive user data. It's imperative that organizations like T-Mobile maintain vigilant oversight of their systems to prevent such breaches."

The breach not only puts user information at risk but also raises questions about T-Mobile's data protection measures. Subscribers trust their service providers with a wealth of personal information, and incidents like these can erode that trust.

T-Mobile has advised its users to update their app to the latest version, which contains the necessary patches to fix the glitch. Additionally, they are encouraged to monitor their accounts for any unusual activities and report them promptly.

This incident serves as a stark reminder of the ever-present threat of data breaches in our digital age. It reinforces the need for companies to invest in robust cybersecurity measures and for users to remain vigilant about their personal information. In an era where data is more valuable than ever, safeguarding it should be of paramount importance for all.
Read more »
Vulnerabilities
Cyberattacks CyberCrime Data Breach T-Mobile UpGuard Vulnerabilities

Customers' Accounts Were Exposed in the Verizon breach

 


There have been a lot of talks lately about telecom companies and consumer data breaches. In the past few years, you are more likely to hear about T-Mobile announced in the headlines. There have been numerous attacks on the self-titled Un-carrier with disastrous results each time it was attacked. 

However, Verizon (and its customers) are not the only ones suffering this year - updated information has revealed that millions of Verizon subscribers have been subjected to data breaches, with their personal information being made publicly available. 

A Verizon contractor has apologized after failing to secure a large batch of customer information previously collected by the telecom company. Due to this vulnerability, over 6 million customer accounts have been exposed. Although it is unclear whether Verizon - the country's largest wireless carrier - will notify users infected, many believe they will. 

In some cases, customers' PIN codes were exposed as well, which are often used in conjunction with their names, addresses, phone numbers, account information, as well as basic information about how to contact customer service teams via phone. Some logs contained information about customer service calls stored in the cloud containing exposed data. 

As part of its commitment to security and privacy, Verizon is committed to protecting the personal information of its customers. 

A researcher with the cyber risk team at security vendor UpGuard, Chris Vickery, discovered that the data was exposed through a breach at the location. 

In a blog post Dan O'Sullivan, a cyber resilience analyst at UpGuard, wrote In a recent post, a cyber resilience analyst at UpGuard wrote that the data was contained in an unsecured Simple Storage Service (S3) bucket. This repository is controlled by NICE Systems, an Israeli company that is part of Verizon's partner network. 

It is also said that Verizon has said in a press statement that their agency supports a wireline self-service call center portal for small businesses and homes, and certain data is required for the project.

The data exposure was discovered by UpGuard on June 13; Verizon notified the company to lock out the bucket by June 22 as soon as it discovered it. It has been characterized as "troubling" from the perspective of UpGuard, and officials from NICE were unable to comment as of right now. 

UpGuard says 14 million customer records may have been exposed due to the breach. 

In an attempt to prove its point, Verizon denied the figure, saying Wednesday that 6 million accounts had been exposed to the vulnerability. 

The Verizon spokesman did not answer a question as to how Verizon came to this conclusion, although an analysis of access logs could have contributed. In response to a question about notification, Samberg declined to comment. 

Error in Redux Configuration

Vickery has made several data exposure discoveries this year, including Verizon. The search engine Shodan is an excellent tool to catalog staggering breaches. An internet-connected device is found by Shodan by searching for it on the internet. Researchers can detect unsecured internet-related systems and cloud instances by plugging specific search terms into Shodan, which helps discover insecure internet-connected systems and cloud instances. 

The configuration error appears to have been made by NICE and was caused by a rule that was set incorrectly in the S3 bucket, similar to the previous episodes of unintentionally exposed data detected by Vickery. 

The data was then available via the internet, which left it accessible to everyone. Having accessed the database and its many terabytes of contents with just the S3 URL was a convenient way to access and download the data, writes UpGuard's O'Sullivan in a post, and the files themselves were also accessible. 

Amazon S3 storage buckets do not have public access enabled by default, which is Amazon's policy. As part of Amazon's identity and access management controls, you can also control who has access to buckets and has enough permission to alter or delete data. It is also possible to block buckets based on HTTP referrers and IP addresses to make them off-limits to certain users. 

It seems unlikely that anyone at NICE would have disabled those security defaults, but it's possible. 

Exposure to Orange Data is Suspected

Aside from the information exposed in the S3 bucket, according to O'Sullivan, the information appears to have also been exposed by at least one other organization, Orange, which is also a partner of NICE. 

The data, he writes, appears less sensitive. However, it is noteworthy to see this type of information being included in a Verizon repository, even though it is internal to Orange. On the European market, Verizon's enterprise division competes directly with Orange's enterprise division. 

Data Security is at Risk

In contrast, Verizon has downplayed the idea that data has been exposed. Even though some personal information was included in the data set, the overwhelming majority of the information did not have any outside value. As Verizon confirmed in a statement, the company said that there were no Social Security numbers or Verizon voice recordings in the cloud storage area. 

Yet some security experts are skeptical about whether this leak will cause damage. In some customer records, the PIN was masked in some cases; however, this only affected a subset of accounts. 

It is believed that UPSGuard believes that unmasked PINs could be used by Verizon to gain access to account information. The PINs required for these accounts are fundamental to verifying callers as legitimate Verizon customers. This is preventing impersonators from accessing and changing Verizon account settings, writes O'Sullivan. 

Verizon says users cannot access online accounts using PINs. Samberg, Verizon's Chief Creative Officer, did not follow up with a question from the media about whether having a PIN alone might be enough for an individual to obtain an additional SIM card, but he did suggest that having a PIN might not be sufficient. 

Scammers are feared to be able to impersonate customers and obtain SIM cards by impersonating them as customers. 

Having the victim's phone number would give them the capability to use it to their advantage. Fraudsters would then receive messages from the victim including their two-factor authentication codes as part of the fraud scheme. To better block unauthorized access, a one-time passcode is now required for many online services, from banks to cloud storage providers. 

According to a report released by the U.S. National Institute of Standards and Technology, it is recommended that out-of-band authentication be avoided by using voice calls and SMS messages. 

A smartphone app, which you can find on your smartphone, is becoming increasingly popular among businesses - even wireless carriers - to enable users to receive a one-time code via the program. This method of sending one-time codes is generally considered to be a safer approach by security experts than sending them via voice or SMS communication.
Read more »
Telegram
Atlas VPN Cyber Attacks Darkweb LAPSUS$ NVIDIA Sensitive Data Leak SIM Swapping T-Mobile Telegram

T-Mobile Reveals its Security Systems were Hacked via Lapsus$ Hackers

 

T-Mobile acknowledged on Friday it had been the subject of a security compromise in March when the LAPSUS$ mercenary group gained access to its networks. The admission occurred after investigative journalist Brian Krebs published internal chats from LAPSUS$'s key members, revealing the group had infiltrated the company many times in March previous to the arrest of its seven members. 

After analyzing hacked Telegram chat conversations between Lapsus$ gang members, independent investigative journalist Brian Krebs first exposed the incident. T-Mobile said in a statement the breach happened "a few weeks ago" so the "bad actor" accessed internal networks using stolen credentials. "There was no customer or government information or any similarly sensitive information on the systems accessed, and the company has no evidence of the intruder being able to get anything of value," he added.

The initial VPN credentials were allegedly obtained from illegal websites such as Russian Market in order to get control of T-Mobile staff accounts, enabling the threat actor to conduct SIM switching assaults at anytime. 

The conversations suggest how LAPSUS$ had hacked T-Slack Mobile's and Bitbucket accounts, enabling the latter to obtain over 30,000 source code repositories, in addition to getting key to an internal customer account management application called Atlas. In the short time since it first appeared on the threat scene, LAPSUS$ has been known for hacking Impresa, NVIDIA, Samsung, Vodafone, Ubisoft, Microsoft, Okta, and Globant. 

T-Mobile has acknowledged six previous data breaches since 2018, including one in which hackers gained access to data linked to 3% of its members. T-Mobile acknowledged it had disclosed prepaid customers' data a year later, in 2019, and unknown threat actors had acquired access to T-Mobile workers' email accounts in March 2020. Hackers also acquired access to consumer private network information in December 2020, and attackers accessed an internal T-Mobile application without authorization in February 2021. 

According to a VICE investigation, T-Mobile, unsuccessfully, tried to prevent the stolen data from being posted online after paying the hackers $270,000 through a third-party firm in the aftermath of the August 2021 breach. After its stolen sensitive information turned up for sale on the dark web, the New York State Office of the Attorney General (NY OAG) alerted victims of T-August Mobile's data breach would face elevated identity theft risks. 

The City of London Police announced earlier this month as two of the seven adolescents arrested last month for alleged potential connections to the LAPSUS$ data extortion group, a 16-year-old, and a 17-year-old had been charged.
Read more »
US
Data Breach SIM Swapping T-Mobile US

American Telecommunications Firm, T-Mobile Confirmed Data Breach and Sim Swapping Attacks

 

After an undisclosed number of subscribers were reportedly hit by SIM swap attacks, American telecommunications company T-Mobile has announced a data breach. The organization believes that this malicious conduct has been detected very easily and that it has taken steps to stop it and discourage it from continuing in the future. 

SIM swap attacks (or SIM hijacking) permits scammers who use social engineering or bribing mobile operator workers to a fraudster-controlled SIM to gain a charge of their target telephone number. They then receive messages and calls from victims and enable users to easily bypass multi-factor authentication (MFA) through SMS, steal user identifiers, and take over the victims' Online Service Accounts. Criminals will enter the bank accounts of the victims and take money, swap passwords for their accounts, and even lock the victims out of their own accounts. 

T-Mobile disclosed that an anonymous perpetrator had access to customer account details, including contact information and personal id numbers- in the communication of violation sent to affected consumers on 9 February 2021. As the attackers have been able to port numbers, it is not known whether or not they have been able to access an employee's account by means of the affected account users.

"An unknown actor gained access to certain account information. It appears the actor may then have used this information to port your line to a different carrier without your authorization," T-Mobile said.
 
"T-Mobile identified this activity—terminated the unauthorized access, and implemented measures to protect against reoccurrence".

Client names, emails, e-mail addresses, account numbers, Social Security Numbers (SSN), PINs, questions and responses about account security, date of birth, schedule information, and a number of lines signed up to their accounts may have been used for the information stolen by hackers stated T-Mobile.
 
"T-Mobile quickly identified and terminated the unauthorized activity; however we do recommend that you change your customer account PIN."

Affected customers of T-Mobile are encouraged to update their name, PIN, and security questions and answers. Via 'myTrueIdentity' from Transunion, T-Mobile is providing two years of free surveillance and identity fraud prevention services. Details on how to log on to these systems are given to the recipient of the data breach notice that is sent to the compromised customers. Changing PIN and security concerns, since both have been weakened, should be a top priority at this time.
Read more »
Subscribe to: Posts (Atom)