A poster on an underground forum is selling what they claim are the names, addresses and social security numbers for almost all of the telco’s customers.
T-Mobile said it is investigating claims of data breach related to more than 100m of its customers.
Vice’s Motherboard reported yesterday (15 August) that a post had been made on a forum claiming to be selling personal data, which the author later said they had stolen from T-Mobile servers. The post offered access to about 30pc of the information for six bitcoin (approximately €240,000 at time of writing). Full access to the data is also being sold “privately”, according to Motherboard.
The seller also said that the data includes names, addresses, phone numbers, social security numbers, driving licence information, and International Mobile Equipment Identity numbers related to people’s electronic devices.
The Motherboard team said it had seen samples of the data and confirmed its veracity to real T-Mobile customers. The seller reportedly said that they had since “lost access to the backdoored servers” and that they believed this meant T-Mobile was already aware of the breach.
However, the person said they had already downloaded the data and had it “backed up in multiple places”.
In a statement, the company said: “We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”
If confirmed, the attack would be a blow to the US telco, which also suffered data breaches earlier this year and in 2020, 2019 and 2018. The alleged size of this breach means it would affect almost all T-Mobile customers.
In April, Facebook was revealed to have been the target of a data breach affecting 500m users. However, that leak involved much less personal information on each user than the hacker claims to have on T-Mobile customers.
US social security numbers are used for interactions with governments and financial institutions and are a frequent vector for identity theft.