T-Mobile CEO 'sorry' for data breach that affected 54 million users
CEO Mike Sievert has issued a public apology for T-Mobile's failure to prevent the cyberattack that saw personal details of more than 50 million people stolen.
Mike Sievert, T-Mobile CEO
As the hacker who claims responsibility for the attack calls T-Mobile's security "awful," the company has detailed the steps it is taking to improve. In an open letter on its website, the company also apologizes for the attack, and called it "humbling."
"Knowing that we failed to prevent this exposure is one of the hardest parts of this event," wrote CEO Mike Sievert. "On behalf of everyone at [T-Mobile], I want to say we are truly sorry."
To say we are disappointed and frustrated that this happened is an understatement," he continued. "Keeping our customers' data safe is a responsibility we take incredibly seriously and preventing this type of event from happening has always been a top priority of ours. Unfortunately, this time we were not successful."
Sievert, who took over as T-Mobile CEO in May 2020, also said that the company's investigation was winding down. And that consequently he wanted to "share an update on our work and, importantly, what's next."
"We're fully committed to take our security efforts to the next level as we work to rebuild trust and I want to tell you more about what we have in progress," he wrote. "We recognize that many are asking exactly what happened. While we are actively coordinating with law enforcement on a criminal investigation, we are unable to disclose too many details."
Sievert outlines certain specific issues for users, such how the company is now offering free identity protection services. Those remain as previously detailed, but the CEO has now revealed longer-term and broader changes regarding the company's security.
"Today I'm announcing that we have entered into long-term partnerships with the industry-leading cybersecurity experts at Mandiant," continued Sievertand. "And with consulting firm KPMG LLG."
"We know we need additional expertise to take our cybersecurity efforts to the next level-- and we've brought in the help," he said. "These arrangements are part of a substantial multi-year investment to adopt best-in-class practices and transform our approach."
Read on AppleInsider
Mike Sievert, T-Mobile CEO
As the hacker who claims responsibility for the attack calls T-Mobile's security "awful," the company has detailed the steps it is taking to improve. In an open letter on its website, the company also apologizes for the attack, and called it "humbling."
"Knowing that we failed to prevent this exposure is one of the hardest parts of this event," wrote CEO Mike Sievert. "On behalf of everyone at [T-Mobile], I want to say we are truly sorry."
To say we are disappointed and frustrated that this happened is an understatement," he continued. "Keeping our customers' data safe is a responsibility we take incredibly seriously and preventing this type of event from happening has always been a top priority of ours. Unfortunately, this time we were not successful."
Sievert, who took over as T-Mobile CEO in May 2020, also said that the company's investigation was winding down. And that consequently he wanted to "share an update on our work and, importantly, what's next."
"We're fully committed to take our security efforts to the next level as we work to rebuild trust and I want to tell you more about what we have in progress," he wrote. "We recognize that many are asking exactly what happened. While we are actively coordinating with law enforcement on a criminal investigation, we are unable to disclose too many details."
Sievert outlines certain specific issues for users, such how the company is now offering free identity protection services. Those remain as previously detailed, but the CEO has now revealed longer-term and broader changes regarding the company's security.
"Today I'm announcing that we have entered into long-term partnerships with the industry-leading cybersecurity experts at Mandiant," continued Sievertand. "And with consulting firm KPMG LLG."
"We know we need additional expertise to take our cybersecurity efforts to the next level-- and we've brought in the help," he said. "These arrangements are part of a substantial multi-year investment to adopt best-in-class practices and transform our approach."
Read on AppleInsider
Comments
News from other sources:
FireEye is one of the biggest firms in the global infosec market and is one of the US government’s go-to consultancies. This proved to be a drawback last year when Russian spies infiltrated the firm via its supplier SolarWinds, causing widespread headaches across the US public sector. (FireEye sold to McAfee's new owners for $1.2bn as Mandiant split into standalone firm again).
Did a search for KPMG LLG and it only returns other articles talking about this subject. There is a KPMG LLP so what is this company's actual name? I found a reference to KPMG LLG that pointed to a person who lists the company as KPMG LLP under Linkedin as:
Where is AI and all the other media outlets getting this information?
Will keep happening until there is real teeth in the penalty for these breaches. Where is the legislation, legislators? Why are we still leaving to companies to self police, or not, as they see fit? Meanwhile we can vote with our pocketbooks. Don’t support these repeat offenders!
Most likely -- because I have been notified that some of my info was stolen -- but not all that's being reported (like SSN).