T-Mobile USA investigates possible breach after hacker offers to sell customer data

Graham Cluley
Graham Cluley
@[email protected]

T-Mobile USA investigates possible breach after hacker offers to sell customer data

A hacker is offering for sale what they claim to be the personal data of over 100 million people, stolen from the servers of T-Mobile USA.

As first reported by Joseph Cox of Vice, information including the names, phone numbers, physical addresses, IMEI device numbers, driving license information, and social security numbers of T-Mobile customers is being offered for sale after an alleged breach of multiple servers at T-Mobile USA.

The person claiming to have hacked T-Mobile says that they are part of a gang that had access to the telecom operator’s systems for 2-3 weeks until this weekend.

Sign up to our free newsletter.
Security news, advice, and tips.

In an attempt to prove the claim, a screenshot of what appeared to show unauthorised access to T-Mobile’s servers by hackers.

T mobile access

Vice says that it managed to confirm with T-Mobile customers that their details were included in a sample of data shared by the hacker.

The hacker, meanwhile, is advertising 30 million unique social security numbers and driving license details for 6 Bitcoin (currently valued at approximately US $285,000.)


30M unique SSNS with SS

Price 6 Bitcoin

Freshly dumped and NEVER sold before!


T-Mobile is no stranger to data breaches.

For instance, in 2018 it warned that as many as 2.3 million accounts had their details accessed through an unsecure API.

Then, in 2019, over one million accounts were exposed following a breach.

In March 2020, meanwhile, hackers gained access to T-Mobile employees’ email accounts and stole customer account information.

Most recently, in December last year, 200,000 customers were notified that customer proprietary network information (CPNI), which “may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service” had been accessed by an unauthorised party.

T-Mobile has not currently confirmed that the latest reported data breach has occurred, but has said that it is investigating:

“We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”

In the past T-Mobile has said that it takes the security of customers’ information “very seriously”…

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.