The Tech Herald

T-Mobile staffers and PR team exposed by webserver breach

by Steve Ragan - Jan 17 2012, 02:10

T-Mobile staffers and PR team exposed by webserver breach. Image: T-Mobile.

Several T-Mobile employees and a handful of their PR agents had some of their contact data exposed after one of the company’s webservers were breached. The group TeaMp0isoN claimed responsibility, noting that they exploited SQL Injection vulnerabilities on to obtain the data.

According to persons speaking on behalf of TeaMp0isoN, T-Mobile was targeted for “supporting the Big Brother Patriot Act law.”

“One of the main reasons for the hack is because they are corrupted, but we also wanted to show how weak their security is.”

In a published document, which lists 38 company contacts, the group remarked on the weak passwords released, noting that they were “manually given to staff via an admin who uses the same set of passwords.”

Looking at the list, the set of passwords issued are 112112, pass, or glg5548. The last password in the block seems to have been assigned only to staffers of the Garrigan Lyman Group, an agency that represents T-Mobile.

In addition, staffers from Waggener Edstrom, another PR firm representing the telecom company, were exposed as well.

The attack was possible due to SQL Injection flaws present on and Both domains were actively delivering content on Monday afternoon, as word of the breach spread.

Currently, the amount of data taken from the T-Mobile website is unknown. It’s possible that the only thing obtained was the brief list. We’ve been in contact with T-Mobile and Waggener Edstrom. We’ll update this story with additional information as we have it.



Without going into any technical issues, T-Mobile has said that the “issue only impacted our newsroom, which is a non-critical system and does not affect our customers.”

Officially, the statement from company reads as follows:

T-Mobile's newsroom, which is hosted by an external third party, experienced a security issue last week. No other online T-Mobile properties were affected. We've identified the root cause of the issue and security protocols have been updated. This issue did not impact T-Mobile customers.

Unfortunately, this does not answer many questions. They will not comment on who hosted the news portal or who developed it, which is important assuming the issue was purely code related and they outsourced the creation of the newsroom. Moreover, they would not comment on the security protocols that were changed, or the basic passwords issued to the newsroom’s operators.


Comment on this Story

comments powered by Disqus


Average Guys With Average Cars. #average

Great new video from up-and-coming clothing brand the Average Squad. The short was posted by...

This Man Was Too Poor To Buy A Car. How He Treats Them Now Is So Touching

This is one of the most touching videos about cars in a long time. It tells the story of a m...

Lucky Escape from Out of Control Truck

This man had a lucky escape on a New Jersey Turnpike when he had to stop on the road du...

Concept Car Videos from Detroit Auto Show

As at every big car show manufacturers at the Detroit Auto Show 2015 were keen to give us th...

Concept Car Pictures from Detroit Auto Show

Well we still had a few pics from the in Detroit Auto Show to put up. These are some of...