T-Mobile begins investigation after hacker posts stolen data on forum

T-Mobile begins investigation after hacker posts stolen data on forum

T-Mobile USA has launched an investigation into a hacker on Raids Forum, who is advertising stolen customer records. The hacker, who goes by the moniker ‘Subvirt,’ posted on the Raids Forum asking for six bitcoin (about €243,000) from other hackers who may need access to some of the extracted data.

The advertisement claims that the information contains Social Security numbers and driver’s license details.

The listing itself makes no mention of T-Mobile but, the hacker spoke to Bleeping Computer and told the publication that they took the data from the telecom company in an expansive data breach.

The claims

The hacker claims they infiltrated T-Mobile’s production, staging, and development servers two weeks ago, including an Oracle server that stores customer data.

Supposedly, the data contains more than 100 million T-Mobile customer records.

They include customer names, PINs, dates of birth, Social Security numbers, driver’s license numbers, International Mobile Equipment Identity numbers, phone numbers, and International Mobile Subscriber Identity numbers.

There is an odd aspect to this, in that the alleged hack is getting media attention but no comments on the Raids Forum. Usually, a listing like this gets user comments. Right now, the only comment is by Subvirt, who is trying to draw attention.

A history of getting hacked

If the hack did affect T-Mobile, it won’t be the first time the company is getting hacked. T-Mobile has become infamous in recent years for its notoriously lax security and how often it is the target of hackers.

If the investigation proves the hack happened, it will bring the total number of T-Mobile hacks since 2018 to five. When you are that bad at security, maybe you shouldn’t be in a business that involves storing personal/private information.