Self-described hackers claim to have stolen the personal data of 100mn people from servers belonging to T-Mobile US, reports Vice. Journalists from Vice say they have seen examples of the stolen data and confirmed it is accurate. The data reportedly includes social security numbers, phone numbers, names, physical addresses and IMEI numbers.
The apparent breach came to light because the data is being offered for sale via ‘an underground forum’. A statement from T-Mobile shared with Reuters and other media companies said:
We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.
The sellers asked for BTC6 (USD275,000) for a data dump containing the social security and driver license details of 30,000 people. That would imply the entire data set is worth over USD900mn, which is unrealistic. However, it is possible that they will be able to extract a premium price for data relating to prime targets such as politicians, celebrities and other rich individuals. Whatever the hackers make by selling the data, T-Mobile may regret not spending as much on protecting personal data.