Data Of 47 Million T-Mobile Subscribers Leaked And Sold In The “Underground” Forum

T-Mobile data leaks due to cybersecurity vulnerability due to work from home culture. (photo: Mika B./Unpslash)

JAKARTA - The US Federal Communications Commission (FCC) said late Wednesday, August 18 that it would investigate a data breach revealed by T-Mobile US Inc (TMUS.O) that affected more than 47 million current and potential customers.

The third-largest US wireless carrier said the personal data, including social security numbers and SIM information, of more than 40 million former and prospective customers had been stolen along with data from 7.8 million of T-Mobile's existing wireless subscribers.

Birthdates, first and last names were also stolen, the telecom service provider said, adding there was no indication their financial details had been compromised.

"Telecommunications companies have an obligation to protect their customers' information. The FCC is aware of reports of data breaches affecting T-Mobile customers and we are investigating them", an FCC spokesman told Reuters.

The company, which had 104.8 million subscribers as of June 2021, admitted to the data breach on Sunday, August 15, after US-based digital media outlet Vice reported that a seller had posted on an underground forum offering personal data, including numbers. social security from breaches on mobile T- Server.

T-Mobile (TN) also said about 850.000 active T-Mobile prepaid subscriber names, phone numbers, and account PINs were also revealed.

In 2015, AT&T Inc (TN) agreed to pay a USD 25 million fine to complete an FCC investigation into consumer privacy violations at AT&T call centers.

Vice said the seller claimed that 100 million people had their data compromised in the breach. The seller offers data on 30 million people for 6 bitcoins or about USD 270.000.

Later reports showed that the asking price had slumped and the entire data was sold for just USD 200. Reuters has not been able to verify the veracity of the forum post.

The T-Mobile data breach is the latest high-profile cyber attack as digital thieves take advantage of the security weakened by work from home policies due to the COVID-19 pandemic.

Earlier this month, cryptocurrency platform Poly Network lost USD 610 million in hacking and later offered the hacker or hacker a USD 500.000 "bug bounty".