Hacker got data but did not get the
network
T-Mobile has denied that data posted to security e-mail list
Full Disclosure over the weekend was obtained from its network.
Although
T-Mobile has confirmed that the data was real it denies that the phone
company's network was not hacked or breached. The poster claimed that he
had hacked into to T-Mobile and stolen the data thanks to poor security at
the telco.
T-Mobile said it was investigating how the information was
obtained, but if it was not a network hack then the 'hacker' must have
nicked it from trash bins outside the outfit's offices. The hacker
claimed to have more information saying that it had databases, confidential
documents, scripts and programs from their servers, financial documents up
to 2009.
He offered to flog the data to the highest bidder and included a
bunch of lines of codes that look like they reference some operating systems and possibly IP addresses.
But T-Mobile said the data was not customer
data. It had identified the document from which information was copied, and
believe possession of this alone is not enough to cause harm to our
customers.