Cybercriminals reportedly leaked 90GB of data from a T-Mobile reseller on the black market yesterday. The information was originally stolen back in April, according to The Mobile Report. The leaked database was posted to a cybercriminal forum and titled “T-Mobile, Connectivity Source.” Connectivity Source is a third-party retailer of T-Mobile service. The Mobile Report said multiple databases were accessed back in April and became available only yesterday, so the amount of exposed data could rise.
It was originally reported that T-Mobile had experienced a data breach that exposed 90GB of employee data including names, employee IDs, job titles, email addresses, employee log in information, region of employment and Social Security numbers, but T-Mobile denied this claim in a statement.
“There has not been a T-Mobile data breach,” a T-Mobile spokesperson told Cord Cutters News. “The data being referred to online is believed to be related to an independently owned authorized retailer from their incident earlier this year. T-Mobile employee data was not exposed.”
The possibility of a security incident was first reported by Twitter user, vx-underground.
“T-Mobile has been breached (again),” vx-underground tweeted. “Data has been exfiltrated and it is being shared online (again).”
This incident comes hot on the heels of T-Mobile customers reporting a glitch that allowed them to see other users’ account data. T-Mobile fixed the issue and said it wasn’t the result of an outside attack.
In May, T-Mobile disclosed that 836 customers were affected in a security breach. The carrier said its systems had detected that a bad actor had accessed limited information from a small number of T-Mobile accounts. While account PINs were compromised, T-Mobile said account information and call records were not affected. The company reset account PINs and offered free credit monitoring and identity theft detection via Transunion myTrueIdentity for the next two years.
In January, T-Mobile said “a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces” and that the breach had been ongoing since late November 2022. T-Mobile recommended that customers review their account information, update their PINs, change passwords, and monitor all account activity, including their credit reports. The company advises setting up fraud alerts with all three major credit bureaus and placing a freeze on their credit file.
This article was updated to reflect the information in T-Mobile’s statement.