T-Mobile on Monday acknowledged a breach of customer information after a hacker group claimed to have obtained records of 100 million of the operator’s US customers and offered some of the data on the dark web.
The US wireless operator said it could not determine the number of customers impacted but that it had begun a “deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed.”
T-Mobile initially said it was checking the validity of the hacker group’s claim, and hours later acknowledged that at least some data were accessed.
“We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved,” a company statement said.
[ Related: DeadRinger: A Three-Pronged Attack by Chinese Against Major Telcos ]
“We are confident that the entry point used to gain access has been closed.”
T-Mobile said it was conducting its own analysis with digital forensic experts and coordinating with law enforcement on the hack.
The massive breach purportedly includes sensitive personal information like social security and driver’s license numbers, according to media reports citing postings from dark web forums.
According to screenshots posted by the security website Bleeping Computer, personal data from at least 30 million people were offered for sale on dark web forums for the equivalent of $280,000 in bitcoin.
The breach was first reported by the Vice website Motherboard, which quoted a seller claiming to offer “full customer info” of T-Mobile customers.
The reports come following a wave of data breaches and ransomware attacks affecting a wide range of companies and organizations including a US pipeline operator, Ireland’s health IT system and a major airline in India.
Facebook, Yahoo and Marriott are among US firms hit by massive customer data breaches in recent years affecting more than 100 million users.
T-Mobile in 2019 acquired rival telecom operator Sprint to better position itself against AT&T and Verizon.
Related: Hackers Accessed Information of T-Mobile Prepaid Customers
Related: Swisscom Breach Hits 800,000 Customers
Related: Industry Reactions to Nation-State Hacking of Global Telcos
More from AFP
- US Charges 20-Year-Old Head of Hacker Site BreachForums
- Spain Needs More Transparency Over Pegasus: EU Lawmakers
- Huawei Has Replaced Thousands of US-Banned Parts With Chinese Versions: Founder
- Poland Breaks up Russian Spy Ring
- Facebook ‘Unlawfully’ Used Dutch Personal Data: Court
- White House Cybersecurity Strategy Stresses Software Safety
- Internet Access, Privacy ‘Essential for Freedom’: Proton Chief
- ‘Hackers’ Behind Air Raid Alerts Across Russia: Official
Latest News
- US Charges 20-Year-Old Head of Hacker Site BreachForums
- Tesla Hacked Twice at Pwn2Own Exploit Contest
- CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections
- Critical WooCommerce Payments Vulnerability Leads to Site Takeover
- PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw
- CISA Gets Proactive With New Pre-Ransomware Alerts
- Watch on Demand: Supply Chain & Third-Party Risk Summit Sessions
- TikTok CEO Grilled by Skeptical Lawmakers on Safety, Content
