November 27, 2024 By Sergiu Gatlan
T-Mobile says the Chinese "Salt Typhoon" hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network.
However, the company says its engineers blocked the threat actors before they could spread further on the network and access customer information.
Also tracked as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286, this Chinese state-sponsored threat group has been active since at least 2019 and typically focuses on breaching government entities and telecommunications companies in Southeast Asia.
Jeff Simon, the company's Chief Security Officer, shared in a blog post published on Wednesday that the threat actors' attack—originating from a connected wireline provider's network—was stopped by T-Mobile's cyber defenses, including proactive monitoring and network segmentation.