Jan 20 (Reuters) – T-Mobile (TMUS.O), the No.3 U.S. wireless carrier by subscribers, said on Thursday it was investigating a data breach involving 37 million postpaid and prepaid accounts and that it could incur significant costs related to the incident.
The company, which has more than 110 million subscribers, said it identified malicious activity on Jan. 5 and contained it within a day, adding that no sensitive data such as financial information was compromised.
However, some basic customer data — such as name, billing address, email and phone number — was obtained, and it had begun notifying impacted customers, said T-Mobile.
“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” the company said.
The U.S. Federal Communications Commission (FCC) has opened an investigation into the data breach, the Wall Street Journal reported on Thursday, citing an FCC spokesperson.
FCC and T-Mobile did not immediately respond to Reuters’ requests for comment on the reported investigation.
“While these cybersecurity breaches may not be systemic in nature, their frequency of occurrence at T-Mobile is an alarming outlier relative to telecom peers,” said Neil Mack, senior analyst for Moody’s Investors Service.
“It could negatively impact customer behavior, cause churn to spike and potentially attract the scrutiny of the FCC and other regulators.”
Last year, T-Mobile agreed to pay $350 million and spend an additional $150 million to upgrade data security to settle litigation over a cyberattack in 2021 that compromised information belonging to an estimated 76.6 million people.
The Bellevue, Washington-based company’s shares fell 2% in after-hours trade.
Reporting by Eva Mathews and Lavanya Ahire in Bengaluru; Editing by Sriraj Kalluvila, Maju Samuel, Rashmi Aich and Savio D’Souza
Our Standards: The Thomson Reuters Trust Principles.
WASHINGTON, Oct 15 (Reuters) – A former Wall Street Journal reporter is accusing a major U.S. law firm of having used mercenary hackers to oust him from his job and ruin his reputation.
In a lawsuit filed late Friday, Jay Solomon, the Journal’s former chief foreign correspondent, said Philadelphia-based Dechert LLP worked with hackers from India to steal emails between him and one of his key sources, Iranian American aviation executive Farhad Azima.
Solomon said the messages, which showed Azima floating the idea of the two of them going into business together, were put into a dossier and circulated in a successful effort to get him fired.
Register now for FREE unlimited access to Reuters.com
The lawsuit, filed in federal court in Washington, said Dechert “wrongfully disclosed this dossier first to Mr. Solomon’s employer, the Wall Street Journal, at its Washington DC bureau, and then to other media outlets in an attempt to malign and discredit him.” It said the campaign “effectively caused Mr. Solomon to be blackballed by the journalistic and publishing community.”
Dechert did not immediately return a message seeking comment. Azima – who filed his own lawsuit against Dechert on Thursday in New York – did not immediately return a message. read more
Solomon’s suit is the latest in a series of legal actions that follows Reuters’ reporting about hired hackers operating out of India. In June, Reuters reported on the activities of several hack-for-hire shops, including Delhi area-companies BellTroX and CyberRoot, that were involved in a decade-long series of espionage campaigns targeting thousands of people, including more than 1,000 lawyers at 108 different law firms.
At the time, Reuters reported that people who had become hacking targets while involved in at least seven different lawsuits had each launched their own inquiries into the cyberespionage campaign.
That number has since grown.
Azima, Solomon’s former source, is among those who have gone to court over the alleged hacking. His lawyers, like Solomon’s, allege that Dechert worked with BellTroX, CyberRoot and a slew of private investigators to steal his emails and publish them to the web.
BellTroX and CyberRoot are not parties to the suit and could not immediately be reached. Executives at both firms have previously denied wrongdoing.
Solomon and Azima allege that Dechert undertook the hack-and-leak operation in the interest of its client, Sheikh Saud bin Saqr al-Qasimi, ruler of the Middle Eastern emirate of Ras Al Khaimah. Reuters has reported that lawyers for Ras Al Khaimah’s investment agency – RAKIA – used the emails to help win a fraud lawsuit filed against Azima in London in 2016.
Azima, who denies RAKIA’s fraud allegations, is trying to have the judgment thrown out.
In addition to being deployed in court, the leaked emails also made their way to The Associated Press, which published two articles about Azima in June of 2017, including one that revealed the airline mogul had offered reporter Solomon a minority stake in a company he was setting up. The Journal fired Solomon shortly before the AP’s story was published, citing ethical violations.
Solomon says he never took Azima up on his proposal or benefited financially from their relationship. In a first-person account of the scandal published in the Columbia Journalism Review in 2018, the ex-journalist said he never pushed back on Azima’s talk of business opportunities because he was trying to humor a man who had been crucial to his reporting on the Middle East. Solomon acknowledged “serious mistakes in managing my source relationship with Azima” but said he had been the target of an “incredibly effective” information operation.
The Journal, which is not a party to suit, declined comment. The AP did not immediately return a message.
Solomon won several awards for his work as a foreign correspondent before his firing. He declined to provide an on-the-record comment about the lawsuit, but in his 2018 account he called the episode a warning for journalists.
“Leaks and hacks of emails and correspondences can blow up intricate reporting and derail months, if not years, of work,” he said.
Register now for FREE unlimited access to Reuters.com
Reporting by Raphael Satter; Editing by David Gregorio
Our Standards: The Thomson Reuters Trust Principles.
People’s miniatures are seen in front of Okta logo in this illustration taken March 22, 2022. REUTERS/Dado Ruvic/Illustration
Register now for FREE unlimited access to Reuters.com
Register
WASHINGTON, March 23 (Reuters) – Okta said on Wednesday hundreds of its customers may have been affected by a security breach involving hacking group Lapsus$, amid criticism of the digital authentication firm’s slow response to the intrusion that knocked its shares down about 11 percent.
The breach sparked concern because the cyber extortion gang had posted what appeared to be internal screenshots from within the organization’s network roughly a day ago. read more
Okta’s Chief Security Officer David Bradbury said in a series of blog posts that the “maximum potential impact” was to 366 customers whose data was accessed by an outside contractor.
Register now for FREE unlimited access to Reuters.com
Register
The contractor, the Miami-based Sitel Group, employed an engineer whose laptop the hackers had hijacked, Bradbury said, adding that the 366 figure represented a “worst case scenario” and that the hackers had been constrained in their range of possible actions.
A representative for Sykes, a subsidiary of the Sitel Group, said in an emailed statement that the company was unable to comment on its relationship to its customers but it undertook an “immediate and comprehensive” investigation into the breach and had since determined there was no longer a security risk.
San Francisco-based Okta helps employees of more than 15,000 organizations securely access their networks and applications, so any breach there could have serious consequences. read more
Bradbury said the intruders would have been unable to perform actions such as downloading customer databases or accessing Okta’s source code.
Okta, whose market capitalization is $26 billion, has been criticized for its reaction to the hack, which struck some experts as initially dismissive. The disquiet increased when it emerged that the company either had known – or could have known – that there was a problem much earlier.
Okta first got wind of a potential breach in January, Bradbury said, explaining that it warned the Sitel Group right away. But it was only on March 10 that Sitel received a forensic report about the incident, giving Okta a summary of the findings a week later.
Bradbury said he was “greatly disappointed by the long period of time that transpired between our notification to Sitel and the issuance of the complete investigation report.”
The hack – and Okta’s reaction to it – has made some investors nervous. The 10.74 percent fall in share price was the worst one-day percentage drop since 2018, and Raymond James Equity Research downgraded the stock from “strong buy” to “market perform,” in part citing Okta’s handling of the incident.
Register now for FREE unlimited access to Reuters.com
Register
Reporting by Raphael Satter. Editing by Shri Navaratnam, Bernadette Baum, Alexander Smith and Bernard Orr
Our Standards: The Thomson Reuters Trust Principles.