This article is from Trend Micro.
The mobile communications giant T-Mobile has launched an investigation into the data breach that has resulted in millions of its customers’ personal data being made available for purchase online.
On Monday, August 16, T-Mobile posted a statement on its website confirming that data was “illegally accessed” from its computer systems. However, at the time, the company did not reveal the exact nature of the data. In the statement, the company assured its customers that it believes the entry point the hacker used to access the data has been closed.
In a later statement, the company said it believes the data of over 40 million current, previous, and prospective customers was accessed illegally.
A hacker named SubVirt made a post on an underground forum claiming to be in possession of the data. The hacker was asking for 6 bitcoin – which is around $270,000 – for a subset of the data containing information relating to 30 million T-Mobile customers. The leaked data is believed to include customer’s names, Social Security numbers, phone numbers, driver’s license information, IMEI numbers, and more. SubVirt hasn’t currently put all the data up for sale – the hacker claims to have the data of over 100 million T-Mobile customers!
We’re sure T-Mobile and the authorities are working tirelessly to track down SubVirt and ensure that none of the stolen data sees the light of day. Unfortunately, however, T-Mobile has recently been the victim of several other high-profile data breaches. In January of this year, hackers stole the call records of over 200,000 of its customers, and back in 2018, leaked personal data belonging to around 2 million of its customers was posted online.
If you believe that you may have been a victim of the recent T-Mobile data breach, please be hyper-aware of any suspicious activity relating to any of your online accounts or anybody who you don’t know contacting you regarding your personal information.