A hacker claims to be in possession of personal data from over 100 million T-Mobile customers. Motherboard reports that the hacker posted about selling the data on an underground forum over the weekend. Although the post on the forum didn’t specify that the stolen data is from T-Mobile, the hacker told Motherboard that the data came from T-Mobile’s servers. T-Mobile is now actively investigating the data breach, but didn’t offer any further updates.
T-Mobile data breach could affect 100M users
The hacker revealed to Motherboard that they were able to access “full customer info” of T-Mobile customers. This includes social security numbers, phone numbers, names, home addresses, unique IMEI numbers, and driver licenses. The hacker claims to have “compromised multiple servers related to T-Mobile” in the attack. They are asking for 6 bitcoin for a subset of data with information from 30 million customers. As of Monday morning, 6 BTC is worth over $283,000 USD.
The hacker believes that T-Mobile is aware of the breach and has taken action. “I think they already found out because we lost access to the backdoored servers,” they told Motherboard. Unfortunately, the hacker already downloaded the stolen data and backed it up in multiple locations. In addition to selling some data online, the hacker is also in the process of selling the rest privately. Motherboard saw a sample of the data and was able to confirm its validity.
“We are aware of claims made in an underground forum and have been actively investigating their validity,” T-Mobile said in a statement to the many publications that reached out about the massive data breach. “We do not have any additional information to share at this time.”
Other recent mobile carrier hacks
T-Mobile now has over 100 million subscribers. If the data breach is really as extensive as the hacker claims it to be, it suggests the data of virtually every customer was exposed. If this sounds familiar, it might be because a similar situation played out in October 2017. A security researcher discovered the vulnerability in T-Mobile’s website allowing hackers to access personal data with nothing but a phone number. The researcher noted that all of T-Mobile’s customers were at risk.
“We were alerted to an issue that we investigated and fully resolved in less than 24 hours,” T-Mobile told Motherboard at the time. “There is no indication that it was shared more broadly.”
Unfortunately, this breach might not be as easy to resolve. In the meantime, we’ll keep an eye out for any official updates from the carrier or the hacker that stole the data in the first place.
