T-Mobile is looking into a major hack on its customer data

Tech giant T-Mobile is investigating claims that a serious data breach may have occurred effecting a large proportion of its customer and client base.

T-Mobile is actively investigating claims that there has been a major data breach of its personal database which potentially could compromise 100 million people.

According to VICE,  a message spotted on an underground forum on Sunday, August 15, came from someone claiming to be in possession of personal data belonging to 100 million people. The message made no mention of T-Mobile, but when the poster was contacted by news site Motherboard, it became apparent that the mobile company’s customers were at the centre of the alleged hack. 

The alleged hacker told Motherboard that the data belonged to “T-Mobile USA” customers and contains everything from names, social security numbers, and phone numbers, to home addresses and driver license information. The news site said it was able to confirm the accuracy of the stolen data after reviewing a sample.

The perpetrator is asking for 6 bitcoin — currently worth about $285,000.

T-Mobile may have already found out about the hack as they can no longer access the company’s servers. But the company, which merged with Sprint last year in a deal worth $26 billion, is yet to confirm publicly if its servers were breached, saying only that it is “aware of claims made in an underground forum” and that is “actively investigating their validity.” T-Mobile added that it will share more information when it becomes available.

If the breach turns out to be true and affects such a large number of T-Mobile customers, it would be a huge blow for the company as it seeks to restore its reputation following similar stumbles in recent years.

In February, the mobile carrier was sued by a victim who lost $450,000 in Bitcoin in a SIM-swap attack.

A SIM-swap attack occurs when the victim’s cell phone number is stolen. This can then be used to hijack the victim's online financial and social media accounts by intercepting automated messages or phone calls that are used for two-factor authentication security measures.

In this case, the victim Calvin Cheng accused T-Mobile of failing to implement adequate security policies to prevent unauthorized access to its customers' accounts.

T-Mobile was also sued in July 2020 by the CEO of a crypto firm over a series of SIM-swaps that resulted in the loss of $8.7 million worth of digital assets.

In April this year, hardware wallet manufacturer, Ledger, faced a class-action lawsuit regarding the major data breach that saw the personal data of 270,000 customers stolen between April and June 2020.

Share

Featured Articles

Gary Merrill: Who Is Commvault’s First-Ever CCO?

Experiencing a period of rapid growth, Commvault have created the new position of CCO and given it to company veteran and former CFO Gary Merrill to lead

Xalient's Stephen Amstutz on Need for Cyber Staff Wellness

Stephen Amstutz, Director of Innovation at Xalient explains why cyber staff are getting stressed and what can be done to help

Worldwide IT Outage Not Cyber Attack - But Software Update

The global IT outage that is being described as one of the biggest ever is thankfully not being attributed to a cyber attack, but rather a software update

Companies Across Cyber Sphere Warn of Surge in DDoS attacks

Cyber Security

UK Takes Steps to Strengthen Country's Cyber Security

Cyber Security

BlueVoyant Launch Platform to Tackle Supplier Attack Surface

Operational Security