The company says that it has received reports of data breaches that could affect 100 million customers. T-Mobile is urging customers to take steps to protect their information, including using two-factor authentication and not sharing their personal information with third-party companies.
Possible T-Mobile Data Breach
According to Motherboard, T-Mobile is investigating the breach to determine its validity. The hackers claim in a forum post that they have personal data on 100 million people from T-Mobile servers.
T-Mobile also talked about how it will handle the situation in the future: “We understand that customers will have questions and concerns, and resolving those is critically important to us. Once we have a more complete and verified understanding of what occurred, we will proactively communicate with our customers and other stakeholders.”
The hackers claim they have the social security numbers, phone numbers, names, physical addresses, IMEI numbers, and driver licenses information of those affected. Motherboard was shown a sample of the data and confirmed that it contains accurate information on T-Mobile customers.
In the forum post, the people with the data are asking for six bitcoin, or around $270,000, for some of the data. The portion they’re selling has 30 million social security numbers and driver licenses. The seller said they’re selling the rest of the data privately at this time.
As far as T-Mobile is concerned, the hackers have said they’ve been shut out of the company’s servers, implying that T-Mobile has discovered their presence and locked them out. With that said, the sellers said they’ve backed up all the data locally and in multiple places, so T-Mobile hasn’t prevented them from taking the information.
In a statement to Motherboard, T-Mobile said, “We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.” When asked about the scale of the breach, T-Mobile declined to comment.
What Can You Do?
Unfortunately, there isn’t much you can do about this breach at this time besides keeping an eye on your accounts. Monitor your social security number for any signs of identity theft and react quickly if you see anything out of the ordinary.