The hacker, who stole data of more than 53 million former and prospective customers of T-Mobile US Inc, said the wireless carrier's security was "awful", the Wall Street Journal reported on Thursday.
John Binns, the 21-year-old American who took responsibility for the high-profile hack disclosed by the company last week, told https://on.wsj.com/3Bi4yHU the Journal that he had used an unprotected router to access personal records of customers.
T-Mobile did not immediately respond to a request for comment.
The U.S. Federal Communications Commission (FCC) said last week it would investigate the data breach, with some T-Mobile customers also suing the company for damages in Seattle federal court.