Hackers sell data of 100 million T-Mobile customers

An announcement appeared on an underground forum: hackers are selling personal data of approximately 100 million customers of T-Mobile, one of the largest telecom operators in the world.

The seller claims that two weeks ago, he hacked into the company’s servers (production, staging, and development servers, including the Oracle server that contained customer data) and stole the data from there. At least, this is what he told Bleeping Computer reporters.

An attacker assesses the entire dump at 6 bitcoins (about $280,000), claiming that in total the database contains information on 100 million people, including IMSI, IMEI, phone numbers, names, security PINs. Worse, roughly 30 million more people have dates of birth, driver’s license numbers, and even social security numbers.

Their entire database, with the entire history of IMEI since 2004, has been stolen.the hacker says.

As proof of their words, the attacker provided a screenshot of an SSH connection to the production server running Oracle.

According to information security company Cyble, in total, the criminal stole more than 106 GB of information, including the database of the customer relationship department.

The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information, the seller said. Motherboard has seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.

Vice Motherboard, one of the first to discover the leak, confirms that the data samples provided by the attacker did indeed belong to T-Mobile customers. At the same time, the attacker told reporters that he did not even try to demand a ransom from the company, since he already had interested buyers on the hacker forums.

Representatives of T-Mobile said that they already know about the incident and assure that they are studying it:

We are aware of the statements made on the underground forum and we are actively studying their validity. Currently, we do not have any additional information that we could share. the company says.

Let me remind you that we also talked about the fact that User data leaked from Gettr few days after launch, as well as that Rapid7 source code leaked due to Codecov hack.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button