Products
▸
A former owner of a T-Mobile retail store in Los Angeles had been illicitly accessing T-Mobile’s internal systems and unlocking phones for customers without T-Mobile US’s permission. His aim was to ensure that the devices could be used on different networks.
The man unlocked devices from the cellular networks of their vendors and enabled people to use them with other telecommunication providers. He also unlocked lost and stolen devices.
It was possible to perform the unlockings as the man had compromised over 50 T-Mobile employee credentials. Many of these accounts belonged to high-ranking employees, who, obviously, had access privileges. In order to gain access to the accounts, the intruder implemented phishing and social engineering methods, making T-Mobile employees to share logins and passwords.