T-Mobile engineers discovered hackers running commands on routers

Suspicious behavior on T-Mobile US Inc.’s network devices tipped the company off to a breach that was potentially part of a sweeping cyberespionage campaign that has raised pressing questions about the exposure of a critical sector of the economy.

Jeff Simon, T-Mobile’s chief security officer, said in an interview with Bloomberg News that while the behavior was not “inherently malicious,” it was unusual enough to attract the attention of the company’s network engineers. In recent weeks, engineers had seen unauthorized users running commands on the company’s network devices that appeared to probe the network’s fabric, Simon said.