T-Mobile has confirmed that threat actors hacked their servers in a recent cyber attack but still investigate whether customer data was stolen.
Yesterday, news broke that a threat actor was selling the alleged personal data for 100 million T-Mobile customers after they breached database servers operated by the mobile network.
The hacker told BleepingComputer that the databases stolen during the attack contain the data for approximately 100 million T-Mobile customers, including IMSI numbers, IMEI numbers, phone numbers, customer names, security PINs, Social security numbers, driver’s license numbers, and date of birth.
This data was stolen approximately two weeks ago and contains customer data going back as far as 2004.
Their entire IMEI history database going back to 2004 was stolen, the hacker told BleepingComputer.
When we contacted T-Mobile yesterday, they stated that they were aware of the claims and were actively investigating whether they were breached.