Security News
As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile's servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000. The trove includes not only names, phone numbers, and physical addresses but also more sensitive data like social security numbers, driver's license information, and IMEI numbers, unique identifiers tied to each mobile device.
On Tuesday, it disclosed further details on the data breach in a post on its website, saying that the breach affects as many as 7.8 million postpaid subscribers, 850,000 prepaid customers and "Just over" 40 million past or prospective customers who've applied for credit with T-Mobile. Compromised payment data may not have shown up in T-Mobile's investigation, but personal information did: As of 01:54 Wednesday morning, T-Mobile had ascertained that the ripped-off data included customers' first and last names, date of birth, Social Security numbers, and driver's license/ID information "For a subset of current and former postpay customers and prospective T-Mobile customers."
T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver's license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. On Monday evening, T-Mobile said a "Highly sophisticated" attack against its network led to the breach of data on millions of customers.
T-Mobile US has begun admitting to the theft of 100 million user accounts in stages, confessing overnight that 8 million people's personal details had been stolen from its servers. In a statement the American mobile operator said: "Yesterday, we were able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals. We also began coordination with law enforcement as our forensic investigation continued."
The massive breach impacts roughly 7.8 million T-Mobile postpaid customers, 850,000 T-Mobile prepaid users, and approximately 40 million former or prospective ones. Adding it all up, the attackers stole records belonging to 48.6 million individuals, including current postpaid and prepaid users, as well as former or prospective customers.
T-Mobile has confirmed that attackers who recently breached its servers stole files containing the personal information of over 8.6 million current customers. The massive breach impacts roughly 7.8 million T-Mobile postpaid customers, 850,000 T-Mobile prepaid users, and approximately 40 million former or prospective ones.
In the wake of the recent claims that T-Mobile U.S. has suffered a massive data breach and the consequent industry reactions, the company has shared additional information its internal investigation has uncovered. "Yesterday, we were able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals. We also began coordination with law enforcement as our forensic investigation continued," T-Mobile explained.
T-Mobile is investigating a claim that as many as 100 million accounts may have been compromised in a data breach."We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed."
Communications giant T-Mobile said today it is investigating the extent of a breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer's mobile device. On Sunday, Vice.com broke the news that someone was selling data on 100 million people, and that the data came from T-Mobile.
T-Mobile on Monday acknowledged a breach of customer information after a hacker group claimed to have obtained records of 100 million of the operator's US customers and offered some of the data on the dark web. The US wireless operator said it could not determine the number of customers impacted but that it had begun a "Deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed."