Alleged hack EE/BT source code of entire UK mobile network

If true all hell will break loose

Definite political edge on this one. Look at his other videos. And interesting that he names China, NK and Iran as possible state actors but does not name Russia.

Maybe before spreading possible misinformation you might corroborate it from multiple reliable sources.

YouTube not being one of them.

Edited by Nervous (Wed 29-Oct-25 20:19:40)

Curious. I was trying to use the EETV app on my tablet and phone a little earlier it was having trouble accessing the necessary server at bt.com. Coincidence or part of BT taking it down to fix it. Now back up.

Yet to head over for my daily visit to the BT forums where I expect the fuller / correct story on my outage will be being discussed.

In reply to a post by Nervous:

Maybe before spreading possible misinformation you might corroborate it from multiple reliable sources.

YouTube not being one of them.

Maybe you should read the title and what I said .... Alleged and IF .......

It is a highly political YouTube channel.
Please keep politics off ThinkBroadband

Possibly an opportunistic extrapolation (by the youtuber, or his minder, not the OP!) from this:

In reference to www.bbc.co.uk/news/articles/cgr4xpyrkdqo:

Then, in August, the UK finally revealed what many suspected – that it had been hit as part of a highly sophisticated espionage campaign codenamed Salt Typhoon, which compromised telecoms companies around the world.
.
.
"The data stolen through this activity can ultimately provide the Chinese intelligence services the capability to identify and track targets' communications and movements worldwide," the UK's National Cyber Security Centre, an arm of GCHQ, warned in a statement.

(About half-way down)

Edited by billford (Thu 30-Oct-25 09:33:25)

I read the transcript.

Not really, the guy has no idea what he's talking about. Having the 'source code' doesn't allow mass decryption of everything, ever as it's encrypted before it hits anything BT. If they've the code to the network management system that's not ideal but not the end of the world. If they've the code to the billing and provisioning systems that's not ideal but not the end of the world. The customer databases concern me far more.

If they wanted to be really interesting and actually have that data they could have some fun by highlighting the lawful intercept goodness in the BT networks. If they had access to that they could've listened to phone calls, but nothing else bar catching the tiny fraction of Internet traffic that isn't encrypted.

What isn't encrypted is things like regular DNS requests and likely some telemetry from IOT devices but banking, healthcare, government interactions, etc, are all behind encryption no-one has the ability to break at this time or will for a while.

While China did indeed manage the operation to break the RSA encryption scheme with a quantum computer they used a key so small even a regular computer could eat it alive in no time.

Even making the reasonable assumption that the NSA has more advanced capabilities, and they definitely do, a reminder that China factorised a 22-bit key - we've been using 2048-bit keys for some time and before that 1024-bit. Regular computing that we know about has factored an 829-bit key. Each extra bit doubles the key space, it's an exponential rise in complexity. There's a long, long, long way between 22 bits and 2048.

TL;DR even if the main claim is actually true the results are nowhere near what he's claiming.

This guys doesn't know what he's talking about.
I'm not saying there isn't an issue.. but he's drawing conclusions which are completely wrong.. online banking uses encryption beyond what's on a mobile network.
I'd be happy to listen to anyone who could share information about this but would want to verify source.

No sign of my issue being discussed so I am putting it down as a little, local situation.