 |
| T-Mobile confirms breach after release of customers data |
Days after T-Mobile posted some customer data for sale on a popular cybercrime forum, it confirmed security breaches and unauthorized access to its system.
The US wireless giant completed a $26 billion merger with Sprint last year, confirming the foray. However, it has not been clarified whether the customer's personal data was stolen.
The company said its investigation would take some time and had not yet set a timeline.
"We believe that the entry point for the visit has been closed," she added. We continue to conduct a comprehensive technical review of the entire system to determine the nature of unlawful access to data.
Previous reports indicate that T-Mobile was investigating possible intrusions after the service provider claimed it had millions of records.
The seller claims to have 100 million T-Mobile customer records, including customer account names, phone numbers, account mobile IMEI numbers, Social Security numbers, and driver's license information—the company often collects this information to verify the identity of its customers.
Forum posts require 6 bitcoins, or about $275,000 for a subset of 30 million customer data.
According to the snapshots from the SSH connection to the production server the Oracle database is running on, the data will be obtained from the T-Mobile database server connected to the Internet.
The seller claimed to have hacked T-Mobile's production, operations and development servers, including an Oracle database server with customer data, two weeks ago.
T-Mobile confirms the hack
The seller also has a comprehensive historical IMEI database dating back to 2004. The IMEI number and ISMI number can be used to uniquely identify and locate mobile phone users.
Cybersecurity firm Cyber said the vendor stole multiple databases totaling around 106GB, including T-Mobile's CRM database.
It is reported that T-Mobile has been attacked by hackers for the fifth time in recent years. T-Mobile announced in January that it had suffered a data breach. Cybercriminals stole about 200,000 call logs and other user data.
T-Mobile has had two accidents in the past year. She admitted that her email system was weak. Hackers can gain access to certain email accounts of T-Mobile employees and gain access to customer data. He also noted the disclosure of 1 million personal and billing information from prepaid customers a few months later.
T-Mobile said in 2018 that it can collect up to 2 million personal customer information.