Reply To: OCU ISSO Week 5 Lesson 17 Discussion
In 2022, T-Mobile was the target of more than 100 separate incidents. Three different cybercriminal groups claimed to have access to the internal networks of the communication giant. All three of the cybercriminal groups gained access to T-Mobile data by using a Phishing scam that said customers could get a new SIM card for their devices. The customers would receive a text message that appeared as if it came from T-Mobile but was from a third party. The customers provided their phone numbers and the serial number from the SIM card.
The original goal of the cyber attack was to see how many times the three groups could access the T-Mobile network. The cybercriminal groups posted new numbers each day as to how many times they had accessed the network. It was so easy for them to gain access to the network that by May of 2022 they stopped posting numbers.
The M.O.M of these three cybercriminal groups was perfect for the taking if you ask me. The means they all used was the Phishing scam using the text message to get the customer’s information. The opportunity was there as well and it was an easy opportunity. Each group made the text messages look legit and authentic from T-Mobile, therefore having easy access to the data. The motive was a simple one, to see how many times each group could get access to T-Mobiles internal networks.
The incident in 2022 cost T-Mobile $350 million just in pay-outs to customers. These kinds of incidents stress the importance of making sure their networks are secure, making sure that staff and employees use strong passwords, and making sure that employees and staff have the proper training to detect, engage and defend against any cyber threats.