A hacker claims to have data on more than 100 million T-Mobile subscribers in the United States and is offering access to a portion of it for $277,000.
The hacker released the data on an underground forum on Sunday, according to Motherboard, however they didn’t mention that the material was tied to T-Mobile in the post.
When contacted by the outlet, the hacker claimed via an online chat that they had gained access to various T-Mobile systems and had “whole client information.
“Social security numbers, phone numbers, names, physical locations, unique IMEI numbers, and driver license information, they claim, are among the data.
Motherboard said it had examined samples of the material and confirmed that they contained accurate T-Mobile subscriber information.
According to Coindesk, the hacker reportedly revealed on the underground forum that they were selling a portion of data containing 30 million social security numbers and driving licenses for six bitcoin, which totaled $277,895 at the time. Access to the rest of the data is also being sold privately by the hacker.
T-Mobile appears to have taken action against the hacker, however this is currently unverified.
The hacker told Motherboard, “I suspect they already found out because we lost access to the backdoored servers.”
Nonetheless, the hacker claimed that T-measures Mobile’s will have no effect on them because they had previously downloaded and backed up the stolen data in several locations.
On Sunday, T-Mobile told Gizmodo that it was looking into the claims.
“We’re aware of statements made in an underground forum and have been looking into their veracity. “At this point, we don’t have any additional information to share,” a T-Mobile spokeswoman stated.
If true, the hack would be yet another blow to the company’s cybersecurity, which has already been hit by a slew of attacks that have resulted in data leaks in recent years.
T-Mobile announced in February that it had been hacked after an unspecified number of customers were subjected to SIM swap assaults.
Meanwhile, the corporation said in December 2020 that it had experienced a data breach that exposed its clients’ private network information.
