Hacktivists expose personal info of T-Mobile staffT-Mobile was hit on Saturday with a hacktivist attack, which resulted in the publication of personal information of some 80 of the wireless communications provider's employees.
TeaMp0isoN, a splinter group of the Anonymous hacktivist collective, published the data – names, emails, phone numbers and passwords – on the Pastebin site, the usual depository for Anonymous-type exposures. The data was apparently stolen in October, based on date and time stamps on the posting.
At the bottom of the list – which shows that most of the T-Mobile employees have the same password, 112112 – TeaMp0isoN professed that the company's weak password management motivated its action:
"Look at the passwords, epic fail. All the passwords are manually given to staff via an admin who uses the same set of passwords," the group's statement reads.
In a report on Softpedia, the group also claimed it acted out of displeasure with the company's support of "the Big Brother Patriot Act law."
TeaMp0isoN, a group consisting of 10 or so hackers, according to its Facebook page, first emerged in 2009. It is apparently headed by a U.K.-based teenage hacker who identifies himself as "TriCk," and has claimed support for Pakistani and Muslim-based hacking groups. On ideological grounds, it has attacked the websites or exposed personal information of NASA, former British Prime Minister Tony Blair, Facebook, a number of U.S. government servers, BlackBerry, the United Nations, and even that of rival hacktivist group LulzSec.
"T-Mobile's newsroom experienced a security issue last week," a T-Mobile spokesperson said in a statement sent to SCMagazine.com on Tuesday. "No other online T-Mobile properties were affected. We've identified the root cause of the issue and security protocols have been updated. This issue did not impact T-Mobile customers."