Hackers selling data on 100M T-Mobile customers after server attack

Posted in General Discussion, edited August 2021
T-Mobile is looking into a breach of its servers that has apparently resulted in harvested data on over 100 million customers being sold on a hacker forum.




On Sunday, T-Mobile confirmed it was investigating a post on a hacker forum claiming to sell a cache of data relating to its customers. The poster claims to have acquired data on over 100 million people, taken from servers operated by the carrier.

The data stems from "T-Mobile USA. Full customer info," the forum poster told Motherboard, adding that multiple servers were compromised to get it.

The trove of data appears to consist of names, phone numbers, physical addresses, IMEI numbers, driver license information, and social security numbers. Samples obtained in reports appear to be genuine.

According to cybersecurity firm Cyble speaking to BleepingComputer, the attacker claims to have stolen multiple databases, acquiring some 106GB of data in the process.

The seller was openly offering data on 30 million social security numbers and driver licenses via the forum, requesting 6 bitcoin ($283,000) for the trove. They said the rest of the data is being sold privately through other deals.

It is believed that T-Mobile knows about the intrusion, as the seller said "I think they already found out because we lost access to the backdoored servers."

In its statement, T-Mobile says it is "aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time."

The hack is the latest for the carrier, and probably the biggest it has suffered so far. In 2018, a breach saw data on 2 million customers swiped, followed by another breach in 2019.

With some 104.8 million subscribers as of Q2 2021, the latest breach may have theoretically affected almost all of T-Mobile's customers.


Comments

  • Reply 1 of 17
    Not just this company, but ALL the personal info hacks - WHY IS NONE OF THIS INFORMATION ENCRYPTED???????
  • Reply 2 of 17
    tedz98 Posts: 80 member
    Even if the data is encrypted, if your hack is through a compromised userid and password the data will be decrypted. The real question should be why there isn’t two factor authentication?
  • Reply 3 of 17
    MacPro Posts: 19,718 member
    Next T-Mobile Ad, 'We 5G have coverage everywhere, so is your data!" ;)
  • Reply 4 of 17
    davgreg Posts: 1,036 member
    MacPro said:
    Next T-Mobile Ad, 'We 5G have coverage everywhere, so is your data!" ;)

    Do not worry, your data has already been compromised.
    Between all the differing hacks over the years, your info sits in some database for sale.

    Cannot believe that anyone would be stupid enough to give a Social Security number for a cell phone.
  • Reply 5 of 17
    Dogperson said:
    Not just this company, but ALL the personal info hacks - WHY IS NONE OF THIS INFORMATION ENCRYPTED???????
    Great question. Why is none of your information encrypted on iCloud? We know it isn't because Apple can scan your photos for illegal images and then have humans review them before sending all your data unencrypted to the government.
  • Reply 6 of 17
    M68000 Posts: 719 member
    tedz98 said:
    Even if the data is encrypted, if your hack is through a compromised userid and password the data will be decrypted. The real question should be why there isn’t two factor authentication?
    Makes a person wonder things…. If encrypted which it should be,  was it an inside job by somebody at T-Mobile?   How long has the CISO been there?  Would not be fun being them with this news.
  • Reply 7 of 17
    badmonk Posts: 1,285 member
    And more importantly why are these hacks given less importance than fake App Store monopoly concerns by our political leaders?  If appropriate fines were levied or legislation passed these issues would be much less common.
  • Reply 8 of 17
    MplsP Posts: 3,911 member
    “The seller was openly offering data on 30 million social security numbers and driver licenses via the forum, requesting 6 bitcoin ($283,000) for the trove.”

    Hmmm, yet another criminal using Bitcoin. What’s the advantage of cryptocurrency again?
  • Reply 9 of 17
    davgreg said:
    MacPro said:
    Next T-Mobile Ad, 'We 5G have coverage everywhere, so is your data!" ;)

    Do not worry, your data has already been compromised.
    Between all the differing hacks over the years, your info sits in some database for sale.

    Cannot believe that anyone would be stupid enough to give a Social Security number for a cell phone.

    Cannot believe that anyone would be stupid enough to give a Social Security number for a (name product sold on credit). Anything involving a credit check will entail handing out the SS#.

    Just when I thought I would convert my prepaid TMo account to a postpaid account, this happens. Looks like I'll stick with prepaid service.
  • Reply 10 of 17
    tedz98 said:
    Even if the data is encrypted, if your hack is through a compromised userid and password the data will be decrypted. The real question should be why there isn’t two factor authentication?

    TMobile's definition of security is forcing people to change their passwords about every other month. PITA because I don't always remember the latest password update. But, with a cell phone data breach, how would a two-factor authentication work, given how many of them involve entering a code sent via SMS text?
  • Reply 11 of 17
    coolfactor Posts: 2,239 member
    Dogperson said:
    Not just this company, but ALL the personal info hacks - WHY IS NONE OF THIS INFORMATION ENCRYPTED???????
    Great question. Why is none of your information encrypted on iCloud? We know it isn't because Apple can scan your photos for illegal images and then have humans review them before sending all your data unencrypted to the government.

    Really not worth a response, but you have it wrong. Data in iCloud _is_ encrypted. The scanning process starts with the phone analyzing a "hash" of the photo for a match. It's encrypted on the phone during the process. When a match is made, then the photo is sent with a separate "wrapper" encryption that the iCloud servers are permitted to unwrap when they have acquired enough "vouchers". This threshold must be reached or the decryption process does not work. Apple explains all of this in their technical explanation.

    Yes, challenge Apple all you want, but make sure you are challenging based on truth and fact, not assumption.
  • Reply 12 of 17
    GeorgeBMac Posts: 11,421 member
    Our nation faces two major threats:
    -- Viral and bacterial pandemics (including antibiotic resistant bacteria we create) yet our public health agencies remain antiquated shambles
    -- Cyber attacks (including foreign and domestic disinformation) which gets a big shrug from our government.  ("Not my job!")

    While we sink Trillions into Aircraft carriers and F35s, we do little or nothing to defend ourselves against the enemies actually attacking us.

    Why is that?
    Answer:   As always, "Follow the money"
  • Reply 13 of 17
    Our nation faces two major threats:
    -- Viral and bacterial pandemics (including antibiotic resistant bacteria we create) yet our public health agencies remain antiquated shambles
    -- Cyber attacks (including foreign and domestic disinformation) which gets a big shrug from our government.  ("Not my job!")

    While we sink Trillions into Aircraft carriers and F35s, we do little or nothing to defend ourselves against the enemies actually attacking us.

    Why is that?
    Answer:   As always, "Follow the money"
    One of the biggest problems is WHO makes our network hardware. How can you secure a door when the door and lock are sold to you by a known thief?
  • Reply 14 of 17
    GeorgeBMac Posts: 11,421 member
    Our nation faces two major threats:
    -- Viral and bacterial pandemics (including antibiotic resistant bacteria we create) yet our public health agencies remain antiquated shambles
    -- Cyber attacks (including foreign and domestic disinformation) which gets a big shrug from our government.  ("Not my job!")

    While we sink Trillions into Aircraft carriers and F35s, we do little or nothing to defend ourselves against the enemies actually attacking us.

    Why is that?
    Answer:   As always, "Follow the money"
    One of the biggest problems is WHO makes our network hardware. How can you secure a door when the door and lock are sold to you by a known thief?

    Your post is indicative of another problem:   political ideology trumping reality.   It doesn't get problems solved.  It only creates new ones.
  • Reply 15 of 17
    fastasleep Posts: 6,408 member
    Dogperson said:
    Not just this company, but ALL the personal info hacks - WHY IS NONE OF THIS INFORMATION ENCRYPTED???????
    Great question. Why is none of your information encrypted on iCloud? We know it isn't because Apple can scan your photos for illegal images and then have humans review them before sending all your data unencrypted to the government.
    You sure are wrong a lot: https://support.apple.com/en-us/HT202303

    | Data | Encryption in transit | Encryption on server | Notes |
    |---|---|---|---|
    | Backup | Yes | Yes | A minimum of 128-bit AES encryption |
    | Safari History & Bookmarks | Yes | Yes | |
    | Calendars | Yes | Yes | |
    | Contacts | Yes | Yes | |
    | Find My (Devices & People) | Yes | Yes | |
    | iCloud Drive | Yes | Yes | |
    | Messages in iCloud | Yes | Yes | |
    | Notes | Yes | Yes | |
    | Photos | Yes | Yes | |
    | Reminders | Yes | Yes | |
    | Siri Shortcuts | Yes | Yes | |
    | Voice Memos | Yes | Yes | |
    | Wallet passes | Yes | Yes | |

    edited August 2021
  • Reply 16 of 17
    crowley Posts: 10,453 member
    Dogperson said:
    Not just this company, but ALL the personal info hacks - WHY IS NONE OF THIS INFORMATION ENCRYPTED???????
    Great question. Why is none of your information encrypted on iCloud? We know it isn't because Apple can scan your photos for illegal images and then have humans review them before sending all your data unencrypted to the government.
    You sure are wrong a lot: https://support.apple.com/en-us/HT202303

    I believe much or all of that is encrypted with keys that Apple have though, not with end to end user keys, so theoretically Apple could unencrypt it and share it with law enforcement.  A pretty compelling reason from a consumer standpoint to switch to full end to end encryption and shift any validation to on-device systems.
  • Reply 17 of 17
    crowley said:
    Dogperson said:
    Not just this company, but ALL the personal info hacks - WHY IS NONE OF THIS INFORMATION ENCRYPTED???????
    Great question. Why is none of your information encrypted on iCloud? We know it isn't because Apple can scan your photos for illegal images and then have humans review them before sending all your data unencrypted to the government.
    You sure are wrong a lot: https://support.apple.com/en-us/HT202303

    I believe much or all of that is encrypted with keys that Apple have though, not with end to end user keys, so theoretically Apple could unencrypt it and share it with law enforcement.  A pretty compelling reason from a consumer standpoint to switch to full end to end encryption and shift any validation to on-device systems.
    There's nothing theoretical about it. It's fact.  Apple, in exacting detail twice yearly, explains exactly what they share with governments.  Not only in the US, but governments around the world.  You are right that Apple holds the encryption keys to data.  There was a big "to do" a couple of years ago about Apple being required to store Chinese customer iCloud data in China on Chinese servers AND store the encryption keys there as well.  iCloud data is among a whole host of customer information subject to governmental warranted request.  Info detailed in the biannual Transparency Report: https://www.apple.com/legal/transparency/

    tl;dr If it's stored in iCloud it's encrypted.  Apple holds the encryption keys so the data can be shared.  In 2020 Apple honored ~90% of US Government requests for user data.