T-Mobile has confirmed they've been compromised (again). This time it was slightly different — they were compromised by Chinese state-sponsored Threat Actors.

The United States Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) put out a statement regarding the matter on November 13th.

This makes this the 9th time T-Mobile (or a T-Mobile partner) has been compromised since 2019. We've actually lost count on the number of compromises, but thankfully BleepingComputer has archived and/or documented them really well.

Our hearts go out to the cybersecurity employees at T-Mobile. Following some of the more recent breaches we became familiar with some of the employees there and the difference they're trying to make with the organization. We wholeheartedly believe they're trying to improve the security posture of the organization... but APT Salt Typhoon a/k/a UNC2286 is a heavy hitter and is no joke.