John Binns, a 21-year-old American, originally from Virginia and living in Turkey, admitted to being the main force behind the massive T-Mobile hack, which exposed the sensitive information of more than 50 million people.
Desire for revenge
Alon Gal, co-founder of cybercrime intelligence firm Hudson Rock, already suspected him of being the perpetrator of the attack. At the beginning of the month, he has indeed shared a message, which he had received from John Binns. The post said that “the breach was made in revenge on the United States for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019 “.
“We did it to damage American infrastructure,” the perpetrator of the attack allegedly told Alon Gal at the time.
John Binns has now spoken publicly in an interview with the Wall Street Journal, confessing to the newspaper that he was behind the attack, which he allegedly carried out from his home in Izmir, Turkey, where he lives with his mother. His father, who died when he was two, was American and his mother is Turkish. They returned to Turkey when he was 18.
“Their security is terrible”
Through Telegram, John Binns provided the Wall Street Journal evidence that he was behind the T-Mobile attack, telling reporters that he initially accessed T-Mobile’s network through an unprotected router in July.
According to the daily, he searched for loopholes in T-Mobile’s defenses through his internet addresses, and obtained access to a data center near East Wenatchee, Wash., Where he was able to explore. over 100 company servers. From there, it took him about a week to access the servers that held the personal data of millions of people. On August 4, he had stolen millions of files.
“I was panicking because I had access to something important. Their safety is terrible, ”John Binns told the Wall Street Journal. “Making noise was a goal. “
He didn’t want to confirm if the data he stole had already been sold or if someone else paid him to hack T-Mobile. Although John Binns did not explicitly say that he worked with others on the attack, he admitted that he needed help acquiring login credentials for the databases at the inside T-Mobile systems.
The article from Wall Street Journal Also mentions that T-Mobile was initially made aware of the breach by a cybersecurity company called Unit221B LLC, which says its customers’ data was being traded on the dark web.
John Binns reiterated his claim that the attack was carried out because he was angry with the way he had been treated by US law enforcement in recent years.
In November, John Binns filed a lawsuit against the FBI, the CIA and the Department of Justice. He indicates that he is under investigation for various cybercrimes, including his participation in the Satori botnet conspiracy, and that he was tortured and spied on because of his alleged membership of the militant group Islamic State – which he said. demented.
He reiterated his claims that he was kidnapped in Germany and Turkey, and unfairly placed in a mental institution against his will by US law enforcement.
“I have no reason to make up a fake kidnapping story and I hope someone within the FBI discloses information about it,” he explained in his messages to Wall Street Journal.
More than 50 million people affected by the data breach
T-Mobile did not respond to our requests for comment, but its statement last week confirmed that names, dates of birth, social security numbers, driver’s license, phone numbers, as well as IMEI and IMSI information about 7.8 million customers had been robbed in the breach.
The name, date of birth, Social Security number and driver’s license of 40 million former or future customers have also been leaked. Information such as name, address, date of birth, phone number, IMEI and IMSI of more than 5 million “current postpaid customer accounts” have also been illegally accessed.
T-Mobile adds that another 667,000 accounts of former T-Mobile customers had their information stolen, along with a group of 850,000 active T-Mobile prepaid customers, including names, phone numbers and codes. PIN accounts were exposed. According to T-Mobile, the names of 52,000 people with Metro by T-Mobile accounts may also have been viewed.
The telecommunications giant, which is the second largest in the United States, behind Verizon, is offering victims two years of free identity protection services, along with McAfee’s identity theft protection service.