I'm happy to report that these vulnerabilities appear to have been fixed by T-Mobile's system administrators. I re-checked the vulnerabilities after reading Wired News' article called Known Hole Aided T-Mobile Breach.
The Wired News article indicates that sources close to the Federal case against Nicolas Jacobsen reported that the exploit Jacobsen used to gain access to T-Mobile customer information was a vulnerability in the Weblogic application server that was discovered in 2003. The patch for this vulnerability has been available for most of that time, but T-Mobile reportedly failed to apply it until now.
The Wired News article goes on to quote Peter Dobrow, a spokesman for T-Mobile, who reportedly said that the company closed the holes that Jacobsen exploited. This is a very good development for T-Mobile customers around the country, and I felt that it was important to discuss it in detail here on Operation Gadget.