customers of the Sprint telecommunications company reported that they had access to the personal information…
An attacker assesses the entire dump at 6 bitcoins (about $280,000), claiming that in total the database contains information on 100 million people, including IMSI, IMEI, phone numbers, names, security PINs. Worse, roughly 30 million more people have dates of birth, driver’s license numbers, and even social security numbers.
As proof of their words, the attacker provided a screenshot of an SSH connection to the production server running Oracle.
According to information security company Cyble, in total, the criminal stole more than 106 GB of information, including the database of the customer relationship department.
The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information, the seller said. Motherboard has seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.
Vice Motherboard, one of the first to discover the leak, confirms that the data samples provided by the attacker did indeed belong to T-Mobile customers. At the same time, the attacker told reporters that he did not even try to demand a ransom from the company, since he already had interested buyers on the hacker forums.
Representatives of T-Mobile said that they already know about the incident and assure that they are studying it:
Let me remind you that we also talked about the fact that User data leaked from Gettr few days after launch, as well as that Rapid7 source code leaked due to Codecov hack.
Topsafeguardcenter.com is a site that tries to force you into clik to its browser notifications…
Hatteesaid.live is a domain that tries to trick you into subscribing to its browser notifications…
Fujivista.top is a domain that tries to force you into subscribing to its browser notifications…
Zambaadsmedia.azurewebsites.net is a domain that tries to trick you into subscribing to its browser notifications…
News-xzuyike.cc is a site that tries to force you into subscribing to its browser notifications…
Columnstoodth.com is a site that tries to trick you into clik to its browser notifications…