T-Mobile confirmed the fact of hacking and penetration into its network

Telecommunications giant T-Mobile has confirmed that its systems have been compromised, with company officials saying the attacked hacked their internal servers. Exact type of information that was stolen remains unclear.

Earlier this week, a hacker forum announced the sale of personal data to approximately 100 million T-Mobile customers. The seller claimed that two weeks ago, he hacked into the company’s servers (production, staging, and development servers, including the Oracle server that contained customer data), gaining access to an unsecured T-Mobile GPRS gateway, and stole the data from there.

The attacker estimated the entire dump at 6 bitcoins (about $280,000), claiming that in total the database contains information on 100 million people, including IMSI, IMEI, phone numbers, names, security PINs. Worse, roughly 30 million more people have dates of birth, driver’s license numbers, and even social security numbers.

Now, representatives of T-Mobile have released an official statement, in which representatives of the company confirmed that the hack did take place. The company has not yet reported any details of the incident.

The company also said it was working day and night to investigate allegations that T-Mobile’s data could have been illegally accessed. And they assured that they take customer protection very seriously and, together with digital forensics experts, are conducting extensive analysis to understand the validity of these claims, and that T-Mobile is coordinating with law enforcement agencies.

Let me also remind you that we talked about the Indonesian authorities that Block Access to RAID Forum Due to Data Leakage.