U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

Avatar
U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed. These intrusion attempts “originated from a wireline provider’s network that was connected to ours,” Jeff Simon, chief security officer at T-Mobile, said in a statement. “We see no instances of prior attempts like

U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed.

These intrusion attempts “originated from a wireline provider’s network that was connected to ours,” Jeff Simon, chief security officer at T-Mobile, said in a statement. “We see no instances of prior attempts like this.”

The company further said its security defenses prevented the threat actors from disrupting its services or obtaining customer information. It has since confirmed that it cut off connectivity to the unnamed provider’s network. It did not explicitly attribute the activity to any known threat actor or group, but noted that it has shared its findings with the U.S. government.

Speaking to Bloomberg, Simon said the company observed the attackers running discovery-related commands on routers to probe the topography of the network, adding the attacks were contained before they moved laterally across the network. T-Mobile is the first company to publicly acknowledge the cyber incident.

The development comes shortly after reports that a China-linked cyber espionage group called Salt Typhoon (aka Earth Estries, FamousSparrow, GhostEmperor, and UNC2286) targeted multiple U.S. telecom companies, including AT&T, Verizon, and Lumen Technologies, as part of an intelligence gathering campaign.

“Simply put, our defenses worked as designed – from our layered network design to robust monitoring and partnerships with third-party cyber security experts and a prompt response – to prevent the attackers from advancing and, importantly, stopped them from accessing sensitive customer information,” Simon said. “Other providers may be seeing different outcomes.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

 The Hacker News 

Total
0
Shares
Previous Post

BIC, Starbucks, Morrisons continue recovery after Blue Yonder ransomware attack

Next Post

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

Related Posts

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified governmental organization located in one of the Commonwealth of
Avatar
Read More

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

Cybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system (OS) commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck. "A vulnerability in the Nortek Linear eMerge E3 allows
Avatar
Read More