A hacker is claiming to have obtained data for some 100 million T-Mobile customers and is trying to sell it.
In a forum post online, a hacker claims to have compromised T-Mobile servers and made off with a treasure trove of customer data. While the post itself didn’t specify the company, Motherboard reached out to the hacker and received confirmation the target company was T-Mobile.
The data in question is allegedly full customer information, including names, addresses, social security numbers (SSN), phone numbers, driver license information and unique IMEI numbers. Motherboard was given access to a sample of the data and confirmed its validity.
It appears T-Mobile has closed the security issue that allowed the hackers access, but not before they copied the data and made multiple backups. The hacker(s) is trying to sell a subset of the data, composed of 30 million SSNs and driver licenses, for 6 bitcoin, or roughly $270,000. The rest of the data is being sold privately.
Motherboard reached out to T-Mobile and received the following statement:
“We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”