T-Mobile probing claims of data breach of 100 million US customers
Bellevue, Washington – Telecommunications company T-Mobile has confirmed a "cybersecurity incident" in the US.
"We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved," T-Mobile said in a statement issued on Monday.
The tech website Motherboard had reported over the weekend that the company was investigating an underground forum post claiming to be selling "a mountain of personal data."
The alleged seller reportedly told Motherboard they had obtained data related to over 100 million people, and that the data came from T-Mobile servers.
"The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information," the seller said.
Some data was apparently up for sale in exchange for bitcoin. The hacker was reportedly asking for six bitcoin for a portion of the data containing 30 million social security numbers and driver licenses. The remaining data was being offered by private sale.
T-Mobile assured they have been actively combating the breach.
"We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed," the company said in Monday's statement.
"This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment we cannot confirm the reported number of records affected or the validity of statements made by others," it added.
T-Mobile last experienced a data breach in December 2020.
Cover photo: IMAGO / ZUMA Wire