Popular American telecommunications provider T-Mobile has reportedly suffered a massive data breach involving over 100 million customers, with the attackers planning to exchange the stolen information for Bitcoin (BTC).
Vice’s publication Motherboard reported over the weekend that the attackers are requesting six bitcoins ($284,424) in exchange for 30 million hacked T-Mobile customers’ data.
Per the report, the remaining 70 million users’ information is already being sold over the dark web marketplace. Notably, the stolen data include T-Mobile customers’ full names, social security numbers, phone numbers, residential addresses, unique IMEI numbers, and driver’s license information.
Motherboard stated that it was able to obtain samples of the hacked T-Mobile customers’ data, which appears to contain accurate information.
The media outlet added that the attackers revealed in an online chat that they got the customers’ details by compromising multiple servers belonging to T-Mobile.
However, the telecommunications giant has since blocked loopholes to prevent hackers from accessing its servers and causing further damage.
Despite not being able to access T-Mobile’s servers anymore, the hackers told Motherboard that it anticipated the move, as it has already downloaded the data locally, claiming that they are “backed up in multiple places.”
T-Mobile Investigating the Matter
Responding to the development, T-Mobile confirmed that it is investigating an online forum post that claims that millions of its customers’ personal information is being sold on the dark web, to verify its validity.
Further efforts made by Motherboard to get the telecom giant to describe the extent of the massive data heist proved abortive as T-Mobile refused to answer follow-up questions.
“We do not have any additional information to share at this time,” T-Mobile said.
T-Mobile Suffers Data Breaches in Four Consecutive Years
This is not the first time T-Mobile has suffered from data breaches. The telco has been on the receiving end of hackers’ wrath from 2018 to 2020, with millions of customers’ information carted away.
T-Mobile revealed in a report published by The Register that attackers were able to lay hands on customers’ information via its employees’ emails.