American who stole and sold T-Mobile customer data busted in Turkey

The man responsible for the 2021 T-Mobile data breach is close to being brought to justice.

John Binns, an American citizen with a Turkish mother bragged about breaking into T-Mobile‘s systems in 2021, claiming the carrier had awful security. While Binns acted as if that was his only motive, it is believed that he stole the data of millions of customers and put the repository up for sale on dark web forums that are popular hangout spots for cybercriminals.

Binns has been living in Turkey for quite some time and American authorities had been trying to get him extradited, which was no easy task, given the complicated relationship between the two countries. Binns had also applied for Turkish citizenship, which would have made the extradition process even harder.

Binns, now 24, was indicted for hacking the network used by T-Mobile last year. He has finally been arrested in Turkey, according to The Desk.

Turkish authorities detained him after the extradition request was approved by a local court and he will be sent to the US.

Prosecutors believe that Binns began his pursuits to hack T-Mobile around 2020 when he used computer programs to scan through Internet Protocol (IP) addresses associated with networks used by T-Mobile.

An an unprotected router helped him eventually get into the servers used by T-Mobile‘s Bellevue data center. He apparently also installed backdoors that would allow him to get back into the system in case the company fixed the vulnerabilities that allowed him to get access.

It is alleged that he stole credentials to go through the carrier’s protected computers and networks as well as additional server groups located in various locations around the world.

He also got his hands on customer information and got four more people on board to sell the data. On August 11, he offered to sell the personal information of over 124 million Americans in exchange for a payment of about $270,000. He later edited his post to say he had access to data of 30 million customers. After several days, he found a buyer.

A third-party security firm hired by the carrier presumably also bought the data for around $150,000 in hopes of halting its spread but that didn’t stop the hackers from attempting to sell it to other interested parties as well.

According to T-Mobile’s estimates, around 54 million customer records were stolen. The database included names, social security numbers, birth dates, and IMEI and IMSI numbers of customers.