T-Mobile is investigating claims that hackers have gained access to the personal data of over 100m of its customers. Cybercriminals are reportedly offering access to some of the data in return for a fee of 6 bitcoin, or $270,000. The cause of the breach is unclear, but this follows a string of breaches for T-Mobile in recent years, after an incident in December 2020 that leaked the call records of around 200,000 customers.
Egress VP of Threat Intelligence Jack Chapman comments: “This could be one of the most serious leaks of consumers’ sensitive information we’ve seen so far this year, potentially affecting 100 million people. Cybercriminals are using T-Mobile’s data to line their pockets, and unfortunately, it’s T-Mobile’s customers who will pay the price.
The data leaked in this breach is reported as being already accessible to cybercriminals, who could now weaponize it to formulate sophisticated phishing attacks targeting the victims. In light of this, I would urge any customers who have been affected by this breach to be wary of any unexpected communications they might now receive, whether that’s over email, text messages or phone calls. Follow-up attacks may utilise the information accessed through this data breach to trick people into sharing more personal data that can be used for identity and financial fraud.
This highlights the need for organizations such as T-Mobile to put in place the right technology to secure their sensitive data and defend their employees and their company from targeted attacks by cybercriminals. It’s time for organizations to take responsibility and ensure they’re keeping their customers’ data out of the hands of cybercriminals."