Unconfirmed Reports of Massive T-Mobile Breach
Early reports indicate that hackers have penetrated the T-Mobile U.S. network and stolen proprietary operating data, customer databases and financial records. According to a post on insecure.org, the hackers have claimed to be auctioning the pilfered data to the highest bidder. T-Mobile competitors, they say, turned them down. There are no details as to how the hackers achieved the breach, but they did post code to show that they did penetrate the T-Mobile network.

T-Mobile was the target of a massive 2005 hack, in which Nicholas Jacobsen was charged with unauthorized network access by the U.S. Secret Service. According to published reports, Jacobsen had access to all the information about T-Mobile's 16 million U.S. subscribers. T-Mobile subscribers are also the frequent target of e-mail and text messaging phishing scams.

UPDATE: There is no mention of a security breach or incident on T-Mobile's Web site. We spoke with T-Mobile Saturday night, and they were unaware of the reported incident. They were looking into it, but still have not provided a formal response. Check back for updates.

Comments (17)
A small correction to your article, the claim is from an email sent to the Full Disclosure mailing list, not a post on insecure.org. Insecure.org is just one of the many sites that archives emails sent to the Full Disclosure mailing list.
Posted by markbz | June 7, 2009 4:58 PM
I stand corrected. And noted the difference here.
Thank you
Larry
Posted by Larry Walsh | June 7, 2009 5:24 PM
Totally unrelated, but your RSS 2.0 link in the lower right returns a 404 from Feedburner. I'd like to subscribe to your feed.
Posted by ed | June 7, 2009 6:22 PM
Looks like a legit list to me. I see servers on that list from my previous days employed with T-Mobile.
Posted by Dave | June 7, 2009 8:12 PM
The RSS feed has been fixed. Thanks for the heads up.
Posted by Larry Walsh | June 7, 2009 10:08 PM
It's obvious they have someone on the inside that will ensure they have granted access.
Posted by DC | June 8, 2009 12:08 AM
server names, OSs, and related info can be gleaned from a variety of sources, the least of which would be a printout of server resources found while 'dumpster diving' near a T-Mobile office. Or an internal nmap-scan that was smuggled out by a friend-of-a-friend-of-a-friend.
that email is missing all sorts of info that could validate the claim and sounds more like script kiddies blowing smoke up someone's butt to gain some attention.
"We already contacted with their competitors and they didn't show interest in buying their data..."
of course not! if they contacted *real* competitors like Sprint, 3, Vodafone, etc., they would not touch that data with a 10-foot pole, since having it admits buying it from a stolen source. duh!
"...probably because the mails got to the wrong people..."
probably because it was either ignored as a hoax, or forwarded on to the authorities. hello brainstem!
"We have everything..."
if they did, it could be hundreds of terabytes of info. had they been downloading it *all* i would like to think someone at t-mobile would have noticed such a large continuous data transfer, or at least noticed a large amount of out-bound traffic going *somewhere*, considering they claim to have 2009 data.
and the opening line is copy-n-pasted from news sources (or from T-Mobile itself).
the whole email smells of dead fish.
Posted by Jimm | June 8, 2009 6:00 AM
I have tmobile. just called them and they won't acknowledge that such a breach took place. I imagine they provide service in CA. If so there's a law that companies are required to notify their customers of such a breach.
Posted by anon | June 8, 2009 7:50 AM
Ya right "We have everything, their databases..."
I work IT and did security for several years. It would take quite some hacker or team to get "everything". Most can only get a certain type, domain, or group of systems. It looks like they were able to run an nmap scan, beyond that who knows. Without more evidence, I'm not biting.
Posted by Jimmy | June 8, 2009 2:14 PM
@anon - a company is allowed to determine WHETHER a breach has occurred, and WHETHER such a breach includes any sensitive customer data before they are required to provide notification. T-Mobile has already indicated that they are researching the issue and that they will notify any affected customers (or employees).
As a former T-Mo employee I can also state that they DID notify all employees when they thought there may have been a compromise of some HR data. They also offered the industry standard one year of credit card watch service. I'm sure they will do the right thing.
Posted by vraptorz | June 8, 2009 6:58 PM
This wasn't an NMAP scan. It's from a text file that's probably used for scripts and the like.
We have something very similar that's used for patch upgrades, monitoring, etc.
Posted by anon | June 8, 2009 9:39 PM
"We already contacted with their competitors and they didn't show interest in buying their data..."
of course not! if they contacted *real* competitors like Sprint, 3, Vodafone, etc., they would not touch that data with a 10-foot pole, since having it admits buying it from a stolen source. duh!
thanks
Posted by knight online koxp | August 14, 2009 4:36 AM
Making a policy not to purchase stolen goods -- such as a rival's customer database -- sounds like common sense, but common sense isn't commonly practiced. This type of thing happens all the time. We just don't call it hacking; we call it hiring. Companies recruit and hire salespeople from rivals all the time for their account knowledge and contact lists. I'm often asked by salespeople who owns the contact list, the company or the individual? The complex answer is both. The simple answer is the individual. While the company owns the information developed over the course of employment history, individual salespeople own the relationship. So when a salesperson leaves, they take the relationship with them. I know it's not the same, but it is indicative of some of the things that happen in the gray zone.
Posted by Larry Walsh | August 14, 2009 6:17 AM
Hey, I really enjoy your blog. I have a blog too in a totally unrelated field (Online Stock Trading) but I like to check in here on a regular basis, just to see what's going on and it's always interesting to say the least. It's always entertaining what people have to say.
Posted by HenleyL | October 12, 2009 5:38 PM
Since t-mobile admitted to running credit card scans for the next year, they are basically admitting that customers' credit card information has been compromised. This could easily be the largest scam in history! Not all 16 million customers are cautious enough to cancel their credit cards, and t-mobile is not going to call the banks of each of their customers and let them know which customers have been compromised. T-mobile basically just got ripped off, which has implications for various stakeholders. A lot of criminals will be receiving free goodies, a lot of banks are going to lose money, and a lot of customers are going to start receiving swells of spam and junk mail from those companies that buy the stolen customer information.
Posted by Data Protection | October 19, 2009 2:07 PM
Thanks for writing
Posted by betsson | October 23, 2009 8:20 AM
Please advise on the best choice Managed Service system available?
I searched the web and discovered the following:
Kaseya.com
GFI.com
Logmein.com
They all look different... Does anyone have other suggestions?
As well, has anyone tried that software:
N-able remote monitoring and management software?
Posted by axortFex | March 11, 2010 7:08 AM