T-Mobile is the brand name used by the mobile communications subsidiaries of the German telecommunications company Deutsche Telekom AG.
The brand which has presence in Czech Republic, the Netherlands, Poland (T-Mobile Polska), and the United States (T-Mobile US), is known as one among the largest telecommunication heavyweights in the world.
And this time, hackers appear to be selling personally identifiable information (PII) relating to more than 100 million T-Mobile customers to an underground hacking forum, in an exchange for Bitcoins.
Data reportedly includes T-Mobile users' social security numbers (SSN), phone numbers, names, physical addresses, unique IMEI numbers, and driver license (DL) information.
T-Mobile said that it is "aware of claims made" on underground web forums, and that it is investigating the issue. Days later, the company confirmed that a hack has happened.
"We have determined that unauthorized access to some T-Mobile data occurred," T-Mobile said.
T-Mobile wrote in its announcement:
"We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved."
"This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment we cannot confirm the reported number of records affected or the validity of statements made by others."
After this, the hackers said that they "lost access to the backdoored servers."
But the damage appears to have already been done, with the hackers claiming that they already had the data and “backed it up” in “multiple places.”
It is said that the leaked data belongs to T-Mobile customers in the U.S..
While the forum post doesn't say explicitly that the data belongs to T-Mobile, the seller told Motherboard that they obtained the information by breaching the company's servers. Motherboard that gets a sample of the data, confirmed that the data is real.
Initially, the hackers put up less than a third of the stolen data with SSN and DL details for sale on the dark web, for a price of 6 BTC (about $270,000). As for the remaining 70%, the hackers intend to sell the database privately.
T-Mobile has a less-than-stellar history of breaches in recent years.
The company has experienced hack in 2018, 2019 and also in 2020, where hackers scraped data of its 200,000 users.
At this time, T-Mobile is the second largest carrier in the U.S., after completing its merger with Sprint earlier this 2021.
The company reported a subscriber base of 104.8 million in the second quarter of 2021, second only to Verizon with 121.3 million subscribers.
Following the hack, shares of T-Mobile were down as much as 2% in pre-market trading on Monday.