T-Mobile confirms it was hit by a data breach

The US operator has not yet determined if there is any personal customer data involved

UPDATE: T-Mobile has confirmed that data belonging to the company may have been “illegally accessed”.

“We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved,” the company said in a statement to IT Pro. “We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed.”

T-Mobile added that the investigation will “take some time” but it is working with the “highest degree of urgency”.

“Until we have completed this assessment we cannot confirm the reported number of records affected or the validity of statements made by others,” it said.

The company also said that once it has a more complete and verified understanding of what occurred, it will then communicate with its customers and stakeholders.

16/08/21: T-Mobile has launched an investigation into a claim on an online forum which suggests that the personal data from over 100 million users have been breached.

The forum post doesn’t explicitly mention the company, but the seller told Motherboard they have obtained data related to over 100 million people and that this data came from T-Mobile servers.

The data reportedly contains social security numbers, driver license information, phone numbers, physical addresses, and unique IMEI numbers. Motherboard saw samples of the data and confirmed they contained accurate information on T-Mobile customers.

On the forum, the seller is asking for six Bitcoin, which is approximately $270,000, for a subset of the data which contains 30 million social security numbers and driver licenses.

"I think they already found out because we lost access to the backdoored servers," the seller told Motherboard, referring to T-Mobile's potential response to the breach.

Despite this, the seller said they had already downloaded the data locally and it is backed up in multiple places.

"We are aware of claims made in an underground forum and have been actively investigating their validity,” T-Mobile said in a statement to IT Pro. “We do not have any additional information to share at this time."

Related Resource

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Five essentials from your endpoint security partner - title against a background of blue circles - whitepaper from MalwarebytesDownload now

Ilia Kolochenko, Founder of ImmuniWeb and a member of Europol Data Protection Experts Network, said that the price for the records is "very cheap", at just 1 cent per victim. He said the data could be exploited to conduct targeted mobile attacks, social engineering, sophisticated phishing campaigns, or financial fraud.

"From a legal viewpoint, if the information about the breach is confirmed, T-Mobile may face an avalanche of individual and class action lawsuits from the victims, as well as protracted investigations and serious monetary penalties from the states where the victims are based," he said, adding that it would be premature to make a conclusion before T-Mobile makes an official statement on the quantity and nature of the stolen data.

In January this year, T-Mobile suffered a data breach affecting information government agencies considered to be highly sensitive. It affected around 200,000 customers and contained information such as customer phone numbers and the number of lines subscribed to on their account.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022