T-Mobile on Monday acknowledged a breach of customer information after a hacker group claimed to have obtained records of 100 million of the operator’s US customers and offered some of the data on the dark web.
The US wireless operator said it could not determine the number of customers impacted but that it had begun a “deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed.”
T-Mobile initially said it was checking the validity of the hacker group’s claim, and hours later acknowledged that at least some data were accessed.
“We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved,” a company statement said.
“We are confident that the entry point used to gain access has been closed.”
T-Mobile said it was conducting its own analysis with digital forensic experts and coordinating with law enforcement on the hack.
The massive breach purportedly includes sensitive personal information like social security and driver’s license numbers, according to media reports citing postings from dark web forums.
According to screenshots posted by the security website Bleeping Computer, personal data from at least 30 million people were offered for sale on dark web forums for the equivalent of $280,000 in bitcoin.
The breach was first reported by the Vice website Motherboard, which quoted a seller claiming to offer “full customer info” of T-Mobile customers.
The reports come following a wave of data breaches and ransomware attacks affecting a wide range of companies and organizations including a US pipeline operator, Ireland’s health IT system and a major airline in India.
Facebook, Yahoo and Marriott are among US firms hit by massive customer data breaches in recent years affecting more than 100 million users.
T-Mobile in 2019 acquired rival telecom operator Sprint to better position itself against AT&T and Verizon.