A new data breach may have exposed the personal data of more than 100 million T-Mobile customers, according to Motherboard. T-Mobile, which has one of the best 5G networks in the U.S., confirmed to the publication that it is currently investigating the claim made on an underground forum.
When reached out for a comment, a T-Mobile spokesperson told Android Central:
We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.
The data, which is said to contain highly sensitive information such as the users’ phone numbers, social security numbers, names, unique IMEI numbers, physical addresses, and driver’s licenses information. Motherboard says it has seen samples of the breached data and that they appear to contain “accurate information on T-Mobile customers.”
The seller on the underground forum is asking for 6 bitcoins (around $270,000) for a subset of the data with 30 million social security numbers and driver licenses. The rest of the data is apparently being sold privately at the moment. Although it looks like T-Mobile has kicked the hackers out of its servers, the sellers say they have already downloaded the data locally, and it is now “backed up in multiple places.”
At this point, it isn’t clear when the hackers managed to access the data from T-Mobile’s servers. However, this isn’t the first time hackers have managed to access users’ personal information from T-Mobile’s servers. In December last year, a security breach had exposed phone numbers and call-related details of around 200,000 T-Mobile customers.
In March 2020, a similar breach ended up exposing the personal information of some T-Mobile customers — including social security numbers, financial account information, as well as billing and account information. And in 2018, nearly 2 million T-Mobile customers were affected by a data breach that exposed their names, physical addresses, and account numbers.
Update, Aug 18 (2 am ET) — T-Mobile confirms the data stolen from its servers included ‘some’ personal information
T-Mobile has shared additional information regarding the cyberattack against its systems, confirming that the stolen data did include customers’ personal information such as first and last names, data of birth, and social security numbers. It believes that around 7.8 million current T-Mobile postpaid customer accounts’ information might be contained in the stolen files. Over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile may have been affected as well.
As a result, the carrier is offering 2 years of free identity protection services to its customers, along with Account Takeover Protection capabilities for postpaid customers. It has also recommended all postpaid customers to change their PIN.
Update, Aug 16 (4:30 p.m. ET) ― T-Mobile says severity of data breach unknown
Following reports of a massive data breach, T-Mobile has issued an update on its investigation. So far, the company has determined that there was unauthorized access to T-Mobile data but has “not yet determined that there is any personal customer data involved.”
The company says that it is working with digital forensic experts and coordinating with law enforcement.
We understand that customers will have questions and concerns, and resolving those is critically important to us. Once we have a more complete and verified understanding of what occurred, we will proactively communicate with our customers and other stakeholders.
T-Mobile says that the investigation with “take some time” and that it cannot yet confirm the amount of data or users that have been affected.