Security News > 2021 > August > Hacker claims to steal data of 100 million T-mobile customers
A threat actor claims to have hacked T-Mobile's servers and stolen databases containing the personal data of approximately 100 million customers.
The alleged data breach first surfaced on a hacking forum yesterday after the threat actor claimed to be selling a database for six bitcoin containing birth dates, driver's license numbers, and social security numbers for 30 million people.
The threat actor claims to have hacked into T-Mobile's production, staging, and development servers two weeks ago, including an Oracle database server containing customer data.
This stolen data allegedly contains the data for approximately 100 million T-Mobile customers and can include customers' IMSI, IMEI, phone numbers, customer names, security PINs, Social Security numbers, driver's license numbers, and date of birth.
Cybersecurity intelligence firm Cyble told BleepingComputer yesterday that the threat actor claims to have stolen multiple databases totaling approximately 106GB of data, including T-Mobile's customer relationship management database.
Motherboard, who first reported on this breach, said they could verify that data samples provided by the threat actor belonged to T-Mobile customers.
News URL
Related news
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- T-Mobile pays $31.5 million FCC settlement over 4 data breaches (source)
- T-Mobile US fined $31.5M for network security breaches between 2021 and 2023 (source)
- T-Mobile confirms it was hacked in recent wave of telecom breaches (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments (source)