T-Mobile has said on Sunday that it is currently investigating an online forum post which claims that a large set of its customer’s sensitive data is on sale. The news was reported by Motherboard, and details how the “seller” claims to have gotten their hands on the data by breaking into T-Mobile’s servers. The stolen data includes names, driver license information, addresses, IMEI numbers, and even Social Security numbers, of over 100 million users. Motherboard believes the data to be authentic, after it reviewed samples from the same.
At the same time, a spokesperson for T-Mobile says that the company is “actively investigating” the validity of the claims, which have been made on an undeground forum. They also add that as of now, no additional information is available.
Bad Luck At Protecting Customer Data
It remains unclear when exactly the data was accessed, even though T-Mobile has been a frequent target for cubercriminals and hackers in recent years, with the most recent attack being in December 2020. Back then, phone numbers and other call-related information for many customers were exposed, but the company claimed that Social Security numbers or other critical data were not breached.
Prior to that, in March 2020, the finanical information and Social Security numbers of some customers were leaked. In 2018 as well, personal data of around 2 million T-Mobile users were compromised, from names and addresses, to account numbers. Another hack had been reported to have occurred at the firm’s databases back in 2019.
Demanding Payment As Bitcoin
Another thing to be taken into account is that the seller is reportedly demanding a sum of over $277,000 in return for the data. Interestingly, the seller/hacker had said that they are currently selling a subset of the stolen data, which contains some 30 million Social Security numbers and drivers licenses. The sum being demanded in return for the data stands at $277,895, and that too, through six Bitcoin. Access to the remaining over 70 million entries in the list is also being sold privately.
Backdoors Blocked, But Files Downloaded
The hacker has come forward to say that T-Mobile has blocked their access to the data backdoors, hinting at a possible measure having been taken by the company. At the same time though, they also assert that they wont be swayed by T-Mobile’s actions, since they apparently have multiple copies of the stolen information, because they had already backed up the stolen data after downloading it.