A hacker appears to be selling personally identifiable information (PII) relating to millions of US-based T-Mobile customers on an underground forum.
While the forum post doesn’t say the data belongs to T-Mobile explicitly, the seller told Motherboard they obtained the information by breaching the telecom company's servers.
The pool of data reportedly includes the social security numbers (SSN), phone numbers, names, physical addresses, unique IMEI numbers, and driver license (DL) information of roughly 100 million T-Mobile customers.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
- These are the best data loss prevention services
- Shield yourself with these best identity theft protection services
- Here’s our list of the best password managers
The hacker has put up less than a third of the stolen data with SSN and DL details for sale on the dark web - for the price of six bitcoin (about $270,000) - with the intent to sell the rest of the database privately.
Responding to reports, T-Mobile issued a statement claiming that it is investigating the potential breach.
"We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time," the company told Motherboard.
Interestingly, the hacker claims that T-Mobile is aware of the breach since the company has sealed their access to the breached servers.
"I think they already found out because we lost access to the backdoored servers," the seller told Motherboard in an online chat.
T-Mobile did not immediately respond to TechRadar Pro’s request for confirmation of the breach.
- We’ve also rounded up the best security keys