US Secret Service data compromised in T-Mobile hack

A malicious hacker penetrated the network of mobile phone company T-Mobile USA and accessed information on 400 of the company's customers, including sensitive information from the account of a U.S. Secret Service agent, according to statements by T-Mobile and the Secret Service.

In an e-mail statement, the mobile carrier acknowledged that Nicholas Jacobsen, a California-based hacker, compromised its internal computer systems in 2003 and viewed the Social Security numbers of 400 customers. A Grand Jury in California charged Jacobsen with one count of unauthorized impairment of a protected computer and one count of unauthorized access to a protected computer, according to a copy of the indictment.

Included among the customers was a U.S. Secret Service agent who had agency materials linked to Secret Service investigations stored on T-Mobile systems. That information was obtained by Jacobsen, but did not compromise any ongoing work, according to Secret Service spokesman Jonathan Cherry.

The unnamed Secret Service agent violated rules that forbid sensitive documents from being copied to other computer systems, Cherry said. He would not comment on whether the agent would be punished for the breach of policy.

The statement from T-Mobile, which is now part of Deutsche Telekom, shed some light on published allegations that Jacobsen used his access to T-Mobile to explore the accounts of members, including the U.S. Secret Service employee and celebrity cell phone accounts that stored snapshots taken on T-Mobile phones.

The company said that Jacobsen is believed to be involved in other attempts to gain access to customer information and that it is cooperating with the Secret Service in investigating those allegations, including allegations about access to customer photos.

T-Mobile claims that it discovered the intrusion on its network in Oct. 2003, then reported it to the U.S. Secret Service. After launching an investigation into the hack, the Secret Service found that its own agent was a victim of information theft, and contacted T-Mobile about the leak of sensitive documents over its network in 2004, according to Kyle Warnick, a company spokesman.

The Secret Service could not comment on published reports that an informant alerted agents that sensitive documents were circulating on the hacker underground, Cherry said.

Customers whose accounts were accessed by Jacobsen were notified in writing about the breach, in accordance with California law, in early 2004, but only after the company received clearance from the Secret Service. T-Mobile is unaware of any problems with those accounts stemming from the hack.

Safeguarding customer information is a top priority for T-Mobile, the company said.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about CherryDeutsche TelekomT-Mobile

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Brand Page

Stories by Paul Roberts

Latest Videos

More videos

Blog Posts