T-Mobile looking into potential hack of data on 100 million customers

Published at: Aug. 16, 2021

United States telecom giant T-Mobile is looking into an alleged massive data breach that may have compromised more than 100 million users.

According to Vice’s Motherboard, T-Mobile is investigating an alleged data breach claimed by the author of the post on an underground forum. The Sunday report says the hacker claims to have obtained data on more than 100 million customers from T-Mobile servers.

The seller is asking for 6 Bitcoin (BTC) — approximately $287,000 at current prices — in exchange for some of the data.

Motherboard has seen samples of the data, which include social security numbers, phone numbers, names, physical addresses, unique IMEI numbers and driver license information.

The seller told the outlet that they are privately selling most of the data at the moment but will hand over a subset of the data containing 30 million social security numbers and driver licenses for the BTC ransom.

Referring to T-Mobile’s alert and potential response to the breach, the hacker said, “I think they already found out because we lost access to the backdoored servers.”

A T-Mobile spokesperson said that the company is “aware of claims made in an underground forum” and is “actively investigating their validity,” adding, “We do not have any additional information to share at this time.”

Related: Ledger users threaten legal action after hacker dumps personal data

It is not the first time T-Mobile has been at the center of a cybersecurity scandal. In February, the mobile carrier was sued by a victim who lost $450,000 in Bitcoin in a SIM-swap attack.

A SIM-swap attack occurs when the victim’s cell phone number is stolen. This can then be used to hijack the victim’s online financial and social media accounts by intercepting automated messages or phone calls that are used for two-factor authentication security measures.

In this case, the victim, Calvin Cheng, accused T-Mobile of failing to implement adequate security policies to prevent unauthorized access to its customers’ accounts.

T-Mobile was also sued in July 2020 by the CEO of a crypto firm over a series of SIM-swaps that resulted in the loss of $8.7 million worth of digital assets.

In April this year, hardware wallet manufacturer Ledger faced a class-action lawsuit regarding the major data breach that saw the personal data of 270,000 customers stolen between April and June 2020.

Tags
Related Posts
Ransomware Attack Kidnaps Austrian City
Malware team, NetWalker, launched a ransomware attack against the Austrian village of Weiz. This attack affected the public service system and leaked some of the stolen data from building applications and inspections. According to the cybersecurity firm, Panda Security, hackers managed to penetrate the village's public network through phishing emails related to the COVID-19 crisis. COVID-19 as bait to deploy the ransomware The subject of the emails — "information about the coronavirus," — was used to bait employees of Weiz's public infrastructure into clicking on malicious links, thus triggering the ransomware. Panda Security claims that the attack belongs to a …
Technology / May 31, 2020
Kim Jong Un May Be Using Stolen Crypto to Offset Economic Fallout
North Korean leader, Kim Jong-un, is reportedly backing a group of hackers. Their goal? Stealing cryptocurrencies like Bitcoin (BTC) using phishing scams. Sources indicate that the country has ramped up these efforts in an attempt to prevent a financial meltdown amid the COVID-19 crisis. A report published on May 13 by the U.K. Mirror claims that the Lazarus group, a hacking syndicate with alleged ties to the North Korean state, could be launching a cybercrime campaign of advanced persistent threat, or APT, attacks. Experts from Seoul-based firm, ESTsecurity, state that Lazarus is “increasingly engaging” in cybercrime activities in and out …
Bitcoin / May 14, 2020
Binance CEO Suggests Crypto Exchanges Are Safer Than Keeping One’s Keys
Changpeng Zhao, the co-founder and CEO of cryptocurrency exchange Binance, suggested that for most, keeping crypto assets on an exchange is safer than keeping the keys themselves. Zhao gave his comments in a tweet on Jan. 19 after famous crypto skeptic and gold bug Peter Schiff complained that he lost access to his Bitcoin (BTC). Invoking the phrase “SAFU” — a slanger term in the crypto community for “safe,” Zhao said: “Many hardcore crypto [organizations] advocate storing your own keys. But the truth is, today most people are not able to secure a key even from themselves (losing it). A …
Bitcoin / Jan. 20, 2020
California Man Sues AT&T Over Loss of $1.8M and Crypto Accounts
California resident Seth Shapiro has filed a lawsuit against wireless service giant AT&T alleging that its employees helped to perpetrate a SIM-swap which resulted in the theft of over $1.8 million in total, including cryptocurrencies. The complaint filed on Oct. 17 claims that Shapiro is “a two-time Emmy Award-winning media and technology expert, author, and adjunct professor at the University of Southern California School of Cinematic Arts.” The lawsuit alleges that between May 16 and May 18 AT&T employees transferred access to Shapiro’s mobile phone to outside hackers: “AT&T employees obtained unauthorized access to Mr. Shapiro’s AT&T wireless account, viewed …
Cryptocurrencies / Oct. 20, 2019
Crypto.com breach may be worth up to $33M, suggests onchain analyst
Onchain analyst claims that Crypto.com's loss in the latest security breach might have been worth more than the reported $15 million. Pseudonymous ErgoBTC, an on-chain analyst at Bitcoin (BTC) research firm OXT Research, claims that the Crypto.com security breach that was said to have resulted in the loss of 4.6K ETH ($15 million), may be worth up to $33 million. Adding another 444 BTC to the previously reported 4.6k ETH from yesterday's @cryptocom hack. Still no acknowledgement of loss, despite large outflows from the custodial wallet into ETH's Tornado Cash and a well known BTC tumbler (as detailed below). pic.twitter.com/GalJKM6bi9 …
Blockchain / Jan. 19, 2022