T-Mobile is actively investigating a data breach after a threat actor claims to have hacked T-Mobile's servers and stolen databases containing the personal data of approximately 100 million customers.
The alleged data breach first surfaced on a hacking forum yesterday after the threat actor claimed to be selling a database for 6 bitcoin (~$280K) containing birth dates, driver's license numbers, and social security numbers for 30 million people.
While the forum post does not mention the origin of the data, the threat actor told BleepingComputer that they took it from T-Mobile in a massive server breach.
The threat actor claims to have hacked into T-Mobile's production, staging, and development servers two weeks ago, including an Oracle database server containing customer data.
This stolen data allegedly contains the data for approximately 100 million T-Mobile customers and can include customers' IMSI, IMEI, phone numbers, customer names, security PINs, Social Security numbers, driver's license numbers, and date of birth.
“Their entire IMEI history database going back to 2004 was stolen,” the hacker told BleepingComputer.
An IMEI (International Mobile Equipment Identity) is a unique number used to identify mobile phones, while an IMSI (International Mobile Subscriber Identity) is a unique number associated with a user on a cellular network.
As proof that they breached T-Mobile's servers, the threat actors shared a screenshot of an SSH connection to a production server running Oracle.
Cybersecurity intelligence firm Cyble also told BleepingComputer yesterday that the threat actor claims to have stolen multiple databases totaling approximately 106GB of data, including T-Mobile's customer relationship management (CRM) database.
Motherboard, who first reported on this breach, said they could verify that data samples provided by the threat actor belonged to T-Mobile customers.
When asked if they attempted to ransom the stolen data to T-Mobile, the threat actors said they never contacted the company and decided to sell it on community forums where they already have interested buyers.
When we contacted T-Mobile about the sale of this data, they said they are actively investigating it.
“We are mindful of claims made in an underground forum and have been actively investigating their validity. We do not have any extra data to share at this time,” T-Mobile told BleepingComputer.
T-Mobile hacked for revenge
“This breach was done to retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019,” the threat actors told Gal in a conversation.
“We did it to harm US infrastructure.”
Binns is a resident of Turkey who sued the FBI, CIA, and Department of Justice in 2020.
The complaint alleges that Binns was tortured and harassed by the US and Turkish governments and is seeking to compel the USA to release documents regarding these activities under the Freedom of Information Act.
8/15/21: Added T-Mobile's statement.