Threat actor claims to be selling data of more than 100 million T-Mobile customers

T-Mobile is investigating a possible data breach after a threat actor published a post on a forum claiming to be selling the personal data of its customers.

New problems for T-Mobile, the company is investigating a possible data breach after that a threat actor has published a post on a hacking forum claiming to be in possession of the personal data of its customers.

The news was reported by Motherboard which pointed out that even if the post doesn’t mention T-Mobile, the seller told it that it has obtained personal data for more than 100 million T-Mobile customers.

The seller told Motherboard that the data was obtained by compromising multiple servers related to T-Mobile.

The seller claims that the data available for sale includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information.

Motherboard has obtained samples of the data available for sale and confirmed they contained information on T-Mobile customers.

The seller is asking for 6 bitcoin (around $270,000) for 30 million social security numbers and driver licenses, while they are privately selling the remaining data.

Below the statement that the telecommunication giant shared with Motherboard:

“We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]