Fears of Enormous Data Breach at T-Mobile US

Self-described hackers claim to have stolen the personal data of 100mn people from servers belonging to T-Mobile US, reports Vice. Journalists from Vice say they have seen examples of the stolen data and confirmed it is accurate. The data reportedly includes social security numbers, phone numbers, names, physical addresses and IMEI numbers.

The apparent breach came to light because the data is being offered for sale via ‘an underground forum’. A statement from T-Mobile shared with Reuters and other media companies said:

We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.

The sellers asked for BTC6 (USD275,000) for a data dump containing the social security and driver license details of 30,000 people. That would imply the entire data set is worth over USD900mn, which is unrealistic. However, it is possible that they will be able to extract a premium price for data relating to prime targets such as politicians, celebrities and other rich individuals. Whatever the hackers make by selling the data, T-Mobile may regret not spending as much on protecting personal data.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.