Security News > 2021 > August > T-Mobile US probes claims of 100m stolen customer records up for sale on dark web
T-Mobile US is investigating claims that highly sensitive personal data of 100 million customers has been stolen and peddled via the dark web.
The seller said it's likely T-Mobile US is up to speed on the security breach because a backdoor used to exfiltrate this data from the telco's servers had been closed.
Volodymyr "Bob" Diachenko, an expert in scouring the internet for data-leaking systems, today said he found in mid-July a non-protected, publicly-facing database containing 1.9 million records belonging to the FBI-run Terrorist Screening Center.
The records apparently included people's names, citizenship, passport numbers, and their no-fly status.
Amazon will monitor the keyboard and mouse movements of its support desk workers to catch miscreants misusing or pilfering customer data, it was reported last week.
In an advisory on Thursday, Drupal described a "Moderately critical" flaw in the third-party WYSIWYG editor CKEditor, which, if enabled on your Drupal system, can be exploited via "One or more Cross-Site Scripting vulnerabilities" to potentially perform actions as a logged-in user or administrator.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/08/16/in_brief_security/
Related news
- T-Mobile US fined $31.5M for network security breaches between 2021 and 2023 (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- T-Mobile pays $31.5 million FCC settlement over 4 data breaches (source)
- Dutch police arrest admin of 'Bohemia/Cannabia' dark web market (source)
- Dutch cops reveal takedown of 'world's largest dark web market' (source)
- Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation (source)
- Finland seizes servers of 'Sipultie' dark web drugs market (source)
- Dark web crypto laundering kingpin sentenced to 12.5 years in prison (source)
- T-Mobile confirms it was hacked in recent wave of telecom breaches (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)