T-Mobile launches investigation after hacker claims to have stolen customer data

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360

T-Mobile USA Inc. has launched an investigation into a hacker advertising allegedly stolen customer records on a popular hacking forum.

The hacker, who goes by the name of “Subvirt,” made the post on Raids Forum and is asking for a payment of 6 bitcoin ($286,000) from other hackers who may want some of the stolen data — specifically stolen Social Security numbers and driver’s license details. The listing itself did not mention T-Mobile, but the hacker told Bleeping Computer today that the data was taken from T-Mobile in a massive data breach.

The hacker claimed to have hacked into T-Mobile’s production, staging and development servers two weeks ago, including an Oracle server containing customer data.

The stolen data is said to include more than 100 million T-Mobile customer records and includes International Mobile Subscriber Identity numbers, International Mobile Equipment Identity numbers, phone numbers, customer names, PINs and date of birth as well as the Social Security and driver’s license numbers. Motherboard noted that the alleged hacker is selling the other data privately.

One odd aspect to the alleged hack is that although it’s getting a fair bit of media attention, the listing on Raid Forums is seeming not to get much attention on the forum itself. Usually, a big hack listed on the site would result in various comments from other users, but in this case, the only comment is the alleged hacker posting “bump” to try to get attention to the listing.

If T-Mobile has been hacked, it won’t be the first time. The company is somewhat infamous for its lax security and how often it’s targeted and hacked.

If proven, this will be the fifth hack of T-Mobile since 2018. The most recent hack was revealed in January and described by the company as a “security incident” involving “malicious, unauthorized access” to some information related to T-Mobile accounts.

Previous hacks involving T-Mobile include the theft of the details of 2 million customers in August 2018, a hack involving the theft of prepaid customer data in November 2019 and the theft of employee and customer data in March 2020.

Image: Raid Forums

Show your support for our…