T-Mobile is investigating a forum post that claims to be selling personal information. The post itself doesn’t reveal what data and personal information is being sold, but it has been confirmed that all of it has come from T-Mobile’s servers and that it’s related to over 100 million customers. Earlier this summer, we reported that over 700 million LinkedIn users’ data was compromised in a hack.
The report was posted by Motherboard, which says that the stolen data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information. The seller has even provided a sample of the data to Motherboard, who confirmed that the information contained is accurate.
“T-Mobile says it is investigating a forum post claiming to be selling a mountain of personal data. The forum post itself doesn’t mention T-Mobile, but the seller told Motherboard they have obtained data related to over 100 million people, and that the data came from T-Mobile servers.”
The private data is currently being sold on an underground forum, and the hacker is asking for 6 bitcoins or around $270,000 for a subset of data that contains 30 million social security numbers and driver licenses. The seller has confirmed that they are privately selling the information at the moment.
“I think they already found out because we lost access to the backdoored servers,” said the seller. The hacker also confirmed that T-Mobile appears to have found out about them, since access to the servers has already been blocked, and the hacker was kicked from it. However, the stolen data has been confirmed to have been downloaded locally, and “It’s backed up in multiple places”, said the person.
T-Mobile has since released a statement to Motherboard saying that “We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”