It takes a very specific type of person to steal nearly 50 million people’s data and then brag about it under your real name in a major international newspaper. John Binns, according to the Wall Street Journal, is exactly that type of person.
The paper reports that the 21-year-old American is behind the August T-Mobile hack. He pilfered an assortment of past, present, and prospective T-Mobile users’ info including full names, birthdays, Social Security numbers, driver’s license and other ID information, and, in some cases, account PINs. And he’s apparently not shy about sharing that fact.
“Generating noise was one goal,” he told the Journal. Well, goal accomplished.
Binns claims the hack took him about a week, and that he was able to locate a cache of stored T-Mobile credentials.
“Their security is awful,” he told the Journal.
We reached out to T-Mobile in an attempt to determine if it disagrees with Binns’ assessment, but received no immediate response.
While the Journal says Binns spoke with the paper via an account that “discussed details of the hack before they were widely known,” it’s not clear how trustworthy Binns’ claims are. He told the paper he’d been kidnapped in Germany and held in some sort of pretend mental hospital, and that part of his motivation for discussing the T-Mobile hack so openly was so that “someone within the FBI leaks information about that.”
SEE ALSO: You’re a T-Mobile customer? Here’s what to do after that massive hack.
With that being said, if past security incidents involving T-Mobile are any indication, Binns’ description of the company’s digital security can’t be that far off. An assortment of data breaches and hacks in 2018, 2019, and 2020 suggest that T-Mobile customers are, by now, unfortunately used to this sort of thing.