Sep 2, 2021 11:14:34 AM
Sep 2, 2021 11:14:34 AM
The target: T-Mobile, a U.S based cellphone carrier.
The take: Exposure of Personally Identifiable Information of 50 million customers including: addresses, social security numbers, dates of birth, drivers’ licenses, and a small number of account PINs.
The attack vector: The attacker penetrated T-Mobile’s IT systems through an unsecured router, using the lack of credential controls as a launchpad to steal data.
Use of industry standard authentication protocols is an integral part of maintaining a rigorous cybersecurity posture, and it is critical to employ robust practices of credential management, user authentication and validation, around all points of access in a firm’s IT network. An unprotected point of entry on a key piece of equipment like a router can lead to a breach with a cascading effect on data exposure.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
84 Chain Lake Drive, Suite 501
Halifax, NS
Canada, B3S 1A2
+1-902-429-8880
Manila
Ground Floor, Three E-com Center
Mall of Asia Complex
Pasay City, Metro Manila
Philippines 1300
Sydney
Level 36 Governor Phillip Tower
1 Farrer Place Sydney 2000
Australia
+61 (2) 8823 3370
Abu Dhabi
Floor No.15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy