So, people: There's this protocol by which Data Traverses The Internet, called the Border Gateway Protocol. So, when your email/banking information/web surfing/health information/what-have-you is going from point A to point B by going from Big Router to Big Router, those routers know where to send the data next by using the Border Gateway Protocol. It's a protocol that goes back to the nascent internet, and it's 40 years old.
An ISP, like T-Mobile, broadcasts that it's the likely route for data going to and from its users. And the likes of Google, or Microsoft, Cloudflare, or what have you do the same.
But what happens when things go sideways? Say that an ISP in Russia, say, broadcasts a route that says that All Your Data Goes Through Us?
For those ISPs that haven't taken precautions, data that was supposed to go to Google, or your doctor, takes a trip through Leningrad. Or Beijing. And these kinds of hijacks have been happening more and more often and seem, for some strange reason, to involve China and Russia most of all.
BGP can be secured. But T-Mobile hasn't done it. This should be a first priority of T-Mobile's networking crowd.
Check out Cloudflare's testing system at Is BGP safe yet? · Cloudflare . And there's T-Mobile, in the Hall of Shame.
C'mon, guys, how about fixing this?