US-based T-Mobile looking into alleged massive data breach on 100 million customers

The data hack is said to have compromised personal data belonging to over 100 million users.
A subset of the stolen data set is expected to be sold for over $250,000.
Investigations are already in place to take necessary actions against the alleged hacker.

Hacking and cybercrime have become mainstream, and so have incidents revolving around giant corporations. However, the recent hacking of United States telecom giant T-Mobile’s database has sent shock ripples throughout.

It is being speculated that the alleged massive data breach may have compromised more than 100 million users of the platform. The hacker purportedly plans to sell a portion of the stolen information for 6 BTC ($286,000).

The data breach is being investigated by the telco, as reported by Vice’s Motherboard. The latter has seen samples of the data, which contains risky information such as social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, driver’s license information, and more.

Active Investigations are On

The hacker said, in reference to T-Mobile’s awakened response to the data breach, “I think they already found out because we lost access to the backdoored servers.” The seller told Motherboard that they would be selling most of the data privately at the moment. However, they would additionally hand over a subset of the data containing over 30 million social security numbers and driver licenses to gain hold over the BTC ransom.

T-Mobile is actively investigating the validity of these claims by the hacker, a spokesperson from the telco said recently. “We do not have any additional information to share at the time,” they added. T-Mobile sure seems to be in a tight spot, considering the massive scale of the data breach in question.

Hardware wallet manufacturer Ledger faced a class-action lawsuit in April this year over a similar case of a data breach. Sensitive personal data of more than 270,000 customers were stolen between April and June 2020 from the platform, causing unprecedented opposition.

A History of Cybersecurity Scandals

T-Mobile already has previous records of cybersecurity issues under its wings. In February this year, the telecom company was sued by a victim who reportedly lost $450,000 in Bitcoin due to a SIM-swap attack.

A SIM-swap attack refers to the stealing of a victim’s cell phone number, using which cybercriminals can hijack the various digital finance and social media accounts of the cell number holder. Automated messages, phone calls for two-factor authentication, and even OTPs can be intercepted by these cybercriminals using these phone numbers alone and can cause huge losses to the victim, such as was this case with a T-Mobile user.

Calvin Cheng, the victim, blamed T-Mobile for not being able to provide adequate protection to prevent unauthorized access and cyber-attacks of this magnitude. Hackers were able to access customer accounts through T-Mobile, it seems.

In July 2020, the telco was sued again, this time by a crypto firm over not one but multiple SIM-Swap cases, which caused the firm to face a loss of $8.7 million worth of digital assets.