T-Mobile US Denies Claims of Another Data Breach

T-Mobile US has disputed new rumors which said their employee data was breached by hackers in April, reports The Record.

A T-Mobile spokesperson told Recorded Future News that no breach of their company systems had occurred in April.

“There has not been a T-Mobile data breach,” the company said.

“The data being referred to online is believed to be related to an independently owned authorized retailer from their incident earlier this year. T-Mobile employee data was not exposed.”

This contradicts claims made on Friday by vx-underground, an entity which describes itself as “the largest collection of malware source code, samples, and papers on the internet”. The claim was made using their account on X (formerly known as Twitter).

It seems some data has been made available on black hat hacking site BreachForums. The nature and source of this data is disputed, with T-Mobile insisting it did not come from their systems. Contrary to the assertions made by vx-underground, a post on BreachForums says the data concerns employees of Connectivity Source, a dealer that sells mobile phones and uses the T-Mobile branding. Connectivity Source was said to have been hacked in April. The information includes employee ID numbers, login information, and social security numbers.

T-Mobile may have been falsely accused on this occasion, but it shows how the reputation harm caused by data breaches can continue over time. A leaky API was used to compromise data for 37 million customers during January of this year, and last year the company offered USD350mn to settle claims relating to a 2021 breach which affected 77 million people.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.