In a statement dated August 16, 2021, T-Mobile confirmed allegations that their servers had indeed been hacked. They insisted, however, that preliminary investigations had not established whether the hackers managed to access any sensitive customer information.
The statement also pointed out that the T-Mobile team was working closely with law enforcement and digital forensic experts to determine whether the data sale on the dark web resulted from this breach and whether there is any legitimacy to the claims made on the forum.
T-Mobile has also insisted that they are taking this breach very seriously and, although it may take time, they are giving this investigation top priority. This is potentially the 6th data breach for the telecom company, which raises concerns over their safety and security protocols on cybersecurity matters.
Even though there has been very little new information on the breach, there are claims that it was massive, affecting up to 100 million customers. In the hacker’s forum post, there are bold claims that 30 million social security numbers, physical addresses, driver’s licenses, and phone numbers had been collected. Although T-Mobile is still investigating these claims, Motherboard, the first site to report the hack, insists that the allegations are true.
While most of the information is being sold privately, some of it, including driver’s license data and social security numbers, is publicly on sale for about $270,000 (6 bitcoin). This information is devastating to customers, as it has emerged that all prepaid and post-paid T-Mobile users in the U.S. have been affected by this breach.
T-Mobile, in their statement, insisted that they had identified and closed the entry point of the data breach, but this came as little consolation to their clients, as most of the information is already on the dark web. While the investigation is still ongoing, it is worth mentioning that Motherboard also confirmed that snippets of the data on sale match specific T-Mobile customer information.
The million-dollar question is, who hacked T-Mobile and how serious is the data breach? If the hacker’s claims are anything to go by, this could be the largest recorded breach the mobile company has faced, putting up to 36 million Americans at imminent risk.
The hackers, in a Twitter statement, insist that the information they possess was from T-Mobile servers.
The statement issued by @und0xxed, one of the hackers suspected to be involved in the sale of the information, claimed that all they needed was a T-Mobile number to extract all the customer’s sensitive details. These details include IMEI (International Mobile Equipment Identity), IMSI (International Mobile Subscriber Identity), and other sensitive customer data.
What is concerning here is that these identity numbers universally identify specific mobile devices. They are also used to prevent theft, as every mobile device has its own unique identification. With the IMEI number as well as other customer identification details, hackers can easily steal your identity. This information is dangerous in the wrong hands.
As to who hacked T-Mobile, there is speculation that it may be the work of John Erin Binns, an infamous hacker who operates a website called IntelSecrets. The reason behind these claims is that this website has been at the center of several lawsuits. Binns is also a suspect because @und0xxed confirmed that his page (IntelSecrets) was involved in the T-Mobile saga.
This information is still speculation, but experts say that most of this information may go public at some point, which would be a nightmare for both T-Mobile and its customers. How the data breach happened is still largely unclear, but there are claims that it may have occurred via a Gateway GPRS Support Node (GGSN). This gateway sits between the telecommunication company’s network and the internet. Experts agree that this may have been a likely weak link.
Most of these claims have not been confirmed. The only way to know what happened is to wait for T-Mobile to issue an official statement.
Source: HackerCombat