T-mobile confirms data breach after customer data posted online

T-Mobile has confirmed “unauthorised access” to its systems after some of its customer data was listed for sale on a known cybercriminal forum.

In a statement, T-Mobile acknowledged the intrusion but stated that it has “not yet determined that there is any personal customer data involved.” The company said that its investigation will “take some time.”

“We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed.”

Vice reported that T-Mobile investigated a possible intrusion after a seller was claiming to be in possession of millions of records.

The seller told Vice that they had 100 million records on T-Mobile customers, which included customer account names, phone numbers, the IMEI numbers of phones on the account, and Social Security number and driver’s license information – details that the company often collects to verify the identity of its customers.

Vice assessed a sample of the records from the seller, confirming that the data is at least partially valid.

The data reportedly originated on a T-Mobile that contained user details including IMEI and IMSI numbers dating back to 2004. The IMEI number identifies specific handsets while the IMSI is a unique customer reference code for telecoms operators.