 |
 Mobile operator victimized
January 13, 2005
A computer intruder broke into T-Mobile USA's computer systems more than a year ago and obtained the names and Social Security numbers of many of its customers, the Washington-based company acknowledged Wednesday. A subsequent violation, though not confirmed, is believed to have occurred last fall, the ramifications of which are still unknown.
The Californian man, Nicholas Lee Jacobsen, was arrested in October on charges of PC break-in and dissemination of securely stored information.
The mobile-phone provider said Wednesday that it discovered the breach in late 2003 and immediately took steps to lock out the intruder. A subsequent investigation found that the unidentified person had accessed the name and Social Security numbers of 400 T-Mobile customers. The customers were notified in writing of the incident, the company said.
"Safeguarding T-Mobile customer information is a top priority for the company," spokesman Peter Dobrow said. Dobrow said T-Mobile discovered a break-in late in 2003 and "immediately took steps that prevented any further access to this system." But another break-in believed to be connected to the first occurred in 2004, Dobrow said. The company still is investigating.
The investigation of the T-Mobile break-in became widely public yesterday after details were published on Security Focus, a Web site owned by computer-security giant Symantec. The investigation was part of a U.S. Secret Service effort called "Operation Firewall" to target global credit-card fraud and identity theft over the Internet.
T-Mobile USA, part of German-based Deutsche Telekom, has about 16.3 million subscribers and is the fifth-largest carrier in the U.S. It markets heavily to younger users and draws an A-list celebrity crowd with its T-Mobile Sidekick, a device that allows wireless e-mailing, instant messaging and Web browsing.
Investigators said they traced the hacker's online activities to a hotel in Williamsport, N.Y., where Jacobsen was staying.
Court records said an online offer posted on an underground webforum tied to Jacobsen in March 2004 claimed hackers could look up the name, Social Security number, birthdate and passwords for voice mails and e-mail for T-Mobile customers for a small bounty.
The most interesting thing is that one customer who extensively used T-mobile's services to communicate sensitive information over the wireless network was a Secret Service agent Peter Cavicchia, whose former job was to monitor and prosecute Net offenders. While he was traveling over the US, his former co-workers used to send him confidential data to be reviewed while on a trip. It is said that among the confidential customer information retrieved from the cellular operator's servers Nicholas was able to get a hold of that belonging to a special agent.
Furthermore, since T-mobile offers its customers an internal multimedia and e-mail storage portal, hacker was able to also gain access to a significant part of its resources. Among them, the Californian hacker was able to locate and distribute over the Internet a number of personal photos taken by the T-mobile's celebrities like Demi Moore, Ashton Kutcher, Nicole Richie and Paris Hilton.
|
|
