Personal data of over 100 million T-Mobile users compromised?

Another day, another data breach. This time, T-Mobile — one of the largest mobile network providers in the world — is investigating a claim on an online forum post whereby the personal data of over 100 million of its users have supposedly been exposed.

Among the personal data involved includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver’s license information. Motherboard, Vice’s tech desk that first reported the breach, has seen samples of the data and appears to confirm that they contain accurate info of T-Mobile customers.

In a statement to Reuters, a T-Mobile spokesperson said they are “aware of the claims made in an underground forum and have been investigating their validity.” T-Mobile did not have any additional information to share for now.

According to reports, the hacker is asking for 6 bitcoin, which is about US$270,000, for a subset of the data in the forum. The data subset contains 30 million social security numbers and driver’s license data. The rest of the data is being sold privately.

T-Mobile has supposedly booted the attacker out of their servers at this time. Though, it may be a bit too late as the cybercriminals have already downloaded and purportedly backed up the content.

Interestingly, this is also not the first data breach incident involving T-Mobile. In 2019, cybercriminals compromised sensitive customer info and again in late 2020, limited data of about 200,000 users was scraped as well.

Apart from T-Mobile, telco company data is being highly sought after on the dark web for various reasons. Last month, security firm Cybereason reported that at least five major telco providers in Southeast Asia have been hacked over the past years by different Chinese cyber-espionage groups.

French telco provider, Orange also suffered a ransomware attack last year. With over 266 million customers, the fourth largest mobile operator in Europe had its business service division breached, making the attack limited to that division only.

According to a global study by IBM Security together with the Ponemon Institute, security incidents are becoming costlier and harder to contain due to drastic operational shifts during the pandemic, with costs rising 10% compared to the prior year. Breached companies spent nearly US$4.24 million per incident on average, which was the highest ever cost in the 17-year history of the report.

Following a series of high-profile infrastructure attacks, the US federal government has turned to its local technological heavyweights to help defend against cybercrime. Tech giants like Amazon, Google and Microsoft will be working hand-in-hand with the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency under the initiative, dubbed the Joint Cyber Defense Collaborative (JCDC).

While it may be some time before the JCDC becomes effective, businesses will still have to look for ways to ensure their data, especially customer-related data is well protected. They need to ensure their security patches are updated and that there are no weaknesses in their system which cybercriminals can exploit.