T-Mobile reused staff passwords

http://www.flickr.com/photos/piair/3855589743/

A hacking group has dumped internal login-in details for T-Mobile staff revealing the US telco had reused passwords for multiple accounts.

Hackers from group Teamp0ison claimed to have found SQL injection vulnerabilities on the T-Mobile website where it found the names, email addresses, phone numbers and passwords of the administrators and staff members.

T-Mobile's parent company, Deutsche Telekom, said that only the newsroom section of the website was compromised and no other T-Mobile proprieties were affected. No customers have been affected, it said.