Sealed Indictment Shows Case Against Hacker Behind Massive T-Mobile Data Breach

A sealed indictment obtained by 404 Media describes the case against John Binns, who allegedly hacked into T-Mobile, stole 40 million user records, and then sold them.
The T-Mobile logo.
Image: Mika Baumeister/Unsplash.

The U.S. has accused a man living in Turkey for hacking T-Mobile in 2021 and then selling stolen data on more than 40 million people, according to sealed court records obtained by 404 Media. The man, John Erin Binns, previously claimed responsibility for the hack in an interview with journalists, in which he described T-Mobile’s security as “awful.” Now, Binns tells 404 Media he does not think he will be extradited from Turkey to face the charges.

“I have reasons to not be that concerned,” Binns said in an online chat. The court record describes Binns as a U.S. citizen; Binns said he is waiting for an administrative problem to be resolved before he is formally considered a Turkish citizen. That would complicate any efforts to extradite Binns to the U.S.

The court record says that “Binns, with the assistance of others, known and unknown to the Grand Jury, successfully hacked the protected computers and networks of T-Mobile US, Inc.” Binns used the handles Irdev, IntelSecrets, V0rtex, and SubVirt, according to the court records.