T-Mobile USA investigates possible breach after hacker offers to sell customer data

Graham Cluley
@gcluley

T-Mobile USA investigates possible breach after hacker offers to sell customer data

A hacker is offering for sale what they claim to be the personal data of over 100 million people, stolen from the servers of T-Mobile USA.

As first reported by Joseph Cox of Vice, information including the names, phone numbers, physical addresses, IMEI device numbers, driving license information, and social security numbers of T-Mobile customers is being offered for sale after an alleged breach of multiple servers at T-Mobile USA.

The person claiming to have hacked T-Mobile says that they are part of a gang that had access to the telecom operator’s systems for 2-3 weeks until this weekend.

Sign up to our newsletter
Security news, advice, and tips.

In an attempt to prove the claim, a screenshot of what appeared to show unauthorised access to T-Mobile’s servers by hackers.

Vice says that it managed to confirm with T-Mobile customers that their details were included in a sample of data shared by the hacker.

The hacker, meanwhile, is advertising 30 million unique social security numbers and driving license details for 6 Bitcoin (currently valued at approximately US $285,000.)

30M unique SSNS with SS

Price 6 Bitcoin

Freshly dumped and NEVER sold before!

SERIOUS BUYERS ONLY!

T-Mobile is no stranger to data breaches.

For instance, in 2018 it warned that as many as 2.3 million accounts had their details accessed through an unsecure API.

Then, in 2019, over one million accounts were exposed following a breach.

In March 2020, meanwhile, hackers gained access to T-Mobile employees’ email accounts and stole customer account information.

Most recently, in December last year, 200,000 customers were notified that customer proprietary network information (CPNI), which “may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service” had been accessed by an unauthorised party.

T-Mobile has not currently confirmed that the latest reported data breach has occurred, but has said that it is investigating:

“We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”

In the past T-Mobile has said that it takes the security of customers’ information “very seriously”…

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.