T-Mobile confirms data breach, but damage remains unclear

T-Mobile says it has blocked off the hacker’s access

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

After announcing it was investigating the apparentsale of customer informationonline, T-Mobile has now confirmed itsservershad indeed been breached and some data exfiltrated.

“We take the protection of our customers very seriously and we are conducting an extensive analysis alongside digital forensic experts to understand the validity of these claims, and we are coordinating with law enforcement,” the telecoms firm toldTechRadar Pro.

The leak came to light when a hacker began offering up personally identifiable information (PII) supposedly relating to millions of US-based T-Mobile customers on an underground forum.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

The pool of stolen data reportedly includes the social security numbers (SSN), phone numbers, names, physical addresses, unique IMEI numbers, and driver license (DL) information of roughly 100 million T-Mobile customers.

Brace for impact

The hacker reportedly said T-Mobile had discovered their entry point, since the company had taken action to seal it off. This too has now been confirmed by T-Mobile.

“We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed,” said T-Mobile.

The company claimed that while it can confirm the unauthorized access of its data, it isn’t in a position to confirm whether the leak included any personal data.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While T-Mobile is yet to confirm the hacker’s claims, industry experts believe that if the claims are indeed found to be true, the details could be very damaging in the hands of cyber criminals.

“What is most concerning is the availability of mobile phone identity numbers tied to each specific customer’s phone. With a blend of consumer data, criminals can more easily dupe consumers into openingphishingemails and phishing texts,” Sam Curry, Chief Security Officer ofcybersecurityfirm Cybereason, toldTechRadar Pro.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Don’t search for information on cats at work — you could be at risk of being hacked

This dangerous new malware is hitting Windows devices by hiding in games

Singapore Criterium live stream 2024: How to watch FREE UCI cycling online