U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed.
These intrusion attempts “originated from a wireline provider’s network that was connected to ours,” Jeff Simon, chief security officer at T-Mobile, said in a statement. “We see no instances of prior attempts like this.”
The company further said its security defenses prevented the threat actors from disrupting its services or obtaining customer information. It has since confirmed that it cut off connectivity to the unnamed provider’s network. It did not explicitly attribute the activity to any known threat actor or group, but noted that it has shared its findings with the U.S. government.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
Speaking to Bloomberg, Simon said the company observed the attackers running discovery-related commands on routers to probe the topography of the network, adding the attacks were contained before they moved laterally across the network. T-Mobile is the first company to publicly acknowledge the cyber incident.
The development comes shortly after reports that a China-linked cyber espionage group called Salt Typhoon (aka Earth Estries, FamousSparrow, GhostEmperor, and UNC2286) targeted multiple U.S. telecom companies, including AT&T, Verizon, and Lumen Technologies, as part of an intelligence gathering campaign.
“Simply put, our defenses worked as designed – from our layered network design to robust monitoring and partnerships with third-party cyber security experts and a prompt response – to prevent the attackers from advancing and, importantly, stopped them from accessing sensitive customer information,” Simon said. “Other providers may be seeing different outcomes.”
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers