A threat actor claimed to have hacked T-Mobile’s servers and stolen databases containing the personal data of approximately 100 million customers.

T-Mobile is actively investigating the alleged data breach which first surfaced on a hacking forum after the threat actor claimed to be selling a database for six bitcoins (~$280K) containing birth dates, driver’s license numbers, and social security numbers for 30 million people.

The forum post does not mention the origins of the data but the threat actor had stated that they stole it from T-Mobile in a massive server breach.

The threat actor claims to have hacked into T-Mobile’s production, staging, and development servers two weeks ago, including an Oracle database server containing customer data.

This stolen data contains details for approximately 100 million T-Mobile customers and may include customers’ IMSI, IMEI, phone numbers, customer names, security PINs, Social Security numbers, driver’s license numbers, and date of birth.

The hacker said that the entire IMEI history database going back to 2004 was stolen.

An IMEI (International Mobile Equipment Identity) is a unique number used to identify mobile phones, while an IMSI (International mobile subscriber identity) is a unique number associated with a user on a cellular network.

The hacker provided a screenshot of an SSH connection to a production server running Oracle as proof of breach.

According to the cybersecurity intelligence firm Cyble, the threat actor claims to have stolen multiple databases totaling approximately 106GB of data, including T-Mobile’s customer relationship management (CRM) database.

The threat actors have not contacted the company after stealing and they decided to sell it on forums where they already have interested buyers.

The threat actors told Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, that they performed this breach to damage US infrastructure.

The post Hacker claims to steal data of 100 million T-mobile customers first appeared on Cybersafe News.

You May Also Like

Information from more than 100 million Android users exposed by massive data breach

Cybersecurity specialists report that the personal information of around 100 million Android…

Ransomware attack shuts down operations of firefighters at 85 Australian fire stations

Fire Rescue Victoria’s (FRV) emails, phones, and emergency dispatch systems that automate…

Indian HDFC Bank deposits millions in customers’ accounts by mistake. Hacking incident or just a software flaw?

Last weekend, HDFC Bank clients received a message showing a non-exact balance…

More than 770 million records available through the Travis CI API: Anyone can extract tokens, secrets, and other credentials associated with services like GitHub, AWS, and Docker Hub

Software development and testing platform Travis CI confirmed the second incident of…