T-Mobile customers may want to brace for some bad news.
The mobile service provider is investigating a reported data breach that may have exposed the private info of more than 100 million people. The would-be perpetrator is apparently trying to sell off a portion of the data, Vice noted in a Sunday report.
The site spoke with the anonymous author of a forum post offering up roughly one-third of the T-Mobile USA customer data in exchange for 6 bitcoins (worth a bit less than $280,000 as of Aug. 15). While it could all be BS, Vice was able to look at samples of the data and confirm that the seller has “accurate information on T-Mobile customers.”
The stolen data, which was reportedly obtained from multiple T-Mobile servers, is filled with identifying information, including names, addresses, and phone numbers; social security numbers; IMEI numbers, which are unique to each mobile device; and driver’s license info. It’s not clear if this data is available for every person exposed in the breach, but the seller did confirm to Vice that their access to T-Mobile’s servers has been cut off.
On Sunday evening, a T-Mobile spokesperson responded to Mashable’s request for comment with the following statement: “We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”
The company offered more on Monday in a brief post on its website, titled simply “T-Mobile Cybersecurity Incident Update.” While it doesn’t address a number of details that came up in the original report, the company does admit that some manner of breach occurred, and that it’s working with digital forensics experts and law enforcement as an investigation looks into what happened.
The post goes on to note: “We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed. This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment we cannot confirm the reported number of records affected or the validity of statements made by others.”
Given the continuing lack of information on the extent of the impacts, T-Mobile customers (and potentially former customers as well, no one really knows) would be wise to keep an eye on their accounts and overall digital footprint for suspicious activity.
UPDATE: Aug. 17, 2021, 8:18 a.m. EDT Added statements from T-Mobile.