The hacker purportedly plans to sell a subset of their stolen information 6 BTC ($286,000)
According to Vice’s Motherboard, T-Mobile is investigating an alleged data breach claimed by the author of the post on an underground forum. The Aug. 15 report says the hacker claims to have obtained data on more than 100 million customers from T-Mobile servers.
Motherboard has seen samples of the data which include social security numbers, phone numbers, names, physical addresses, unique IMEI numbers and driver license information.
The seller told the outlet that they are privately selling most of the data at the moment, but will hand over a subset of the data containing 30 million social security numbers and driver licenses for the BTC ransom.
A T-Mobile spokesperson said that the company is “aware of claims made in an underground forum” and is “actively investigating their validity” adding: “We do not have any additional information to share at this time.”
It is not the first time T-Mobile has been at the center of a cyber-security scandal. In February, the mobile carrier was sued by a victim who lost $450,000 in Bitcoin in a SIM-swap attack.
A SIM-swap attack occurs when the victim’s cell phone number is stolen. This can then be used to hijack the victim’s online financial and social media accounts by intercepting automated messages or phone calls that are used for two-factor authentication security measures.