T-Mobile has confirmed that a data breach has occurred, but that the company has yet to determine if customers' personal data is involved in the hack.
Reports of the T-Mobile data breach were first made over the weekend after Vice's tech arm, Motherboard, first broke the news.
T-Mobile Confirms Data Breach Occurred
T-Mobile has confirmed that a data breach has occurred. T-Mobile initially said that it was investigating a possible hack over the weekend.
"We have determined that unauthorized access to some T-Mobile data occurred," T-Mobile said in a statement posted on the company's website.
The T-Mobile data breach was first reported by Vice's tech arm, Motherboard, after the hacker claimed that they have stolen personal data of over 100 million T-Mobile users.
T-Mobile has also admitted that the company has "not yet determined that there is any personal customer data involved."
According to a report by Ars Technica, T-Mobile has already suffered more than five data breaches in recent years. In fact, T-Mobile started off 2021 by announcing a data breach that affected 200,000 customers.
Related Article: Warning! Worst Hacking and Data Breaches of 2020 (So Far) That'll Make You Think if You're Safe
T-Mobile Hacker Claims Possession of 100 Million Users' Data
The hacker behind the most recent T-Mobile data breach has claimed they have the personal data of over 100 million users. The data is said to include driver's license numbers, social security numbers, names, and physical addresses among others, according to a report by Ars Technica.
Per Vice's initial report, its tech arm "Motherboard has seen samples of the data, and confirmed they contained accurate information on T-Mobile customers."
The T-Mobile data breach can be seen as a ransomware attack as the hacker has asked for 6 bitcoin valued at around $270,000 in exchange for a subset of the alleged stolen data. The subset includes 30 million driver's license numbers and social security numbers.
The T-Mobile hacker has also told Motherboard that "they are privately selling the rest of the data at the moment."
How Did the T-Mobile Data Breach Happen?
The person who claims to have compromised T-Mobile says the company misconfigured a gateway GPRS support node that was apparently used for testing. It was exposed to the internet. That allowed the person to eventually pivot to the LAN. Proof screenshot supplied. pic.twitter.com/tBMvRBmG0r
— Jeremy Kirk (@jkirk@infosec.exchange) (@Jeremy_Kirk) August 16, 2021
Ars Technica cited the tweet by Jeremy Kirk, which says that the hacker was able to gain unauthorized access thanks to a GPRS gateway that T-Mobile misconfigured.
In its statement posted on the company website, T-Mobile has said that they are "confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed."
T-Mobile has noted that the data breach investigation will take time, but that the company is moving with the highest sense of urgency.
"I think they already found out because we lost access to the backdoored servers," the hacker told Motherboard.
T-Mobile has said that it will wait until the investigation and assessment are completed before confirming the number of records affected by the data breach.
Also Read: How to Protect Your Personal Data from Ransomware 2021
This article is owned by Tech Times
Written by Isabella James
Related Article
How to Protect Your Personal Data from Ransomware 2021
Warning! Worst Hacking and Data Breaches of 2020 (So Far) That'll Make You Think if You're Safe
T-Mobile Hacked 2021: 200,000 Sensitive Customer Data Breached [Report]
