T-Mobile Reseller Suffered Breach That Leaked 90GB of Data





Cybercriminals reportedly leaked 90GB of data from a T-Mobile reseller on the black market yesterday. The information was originally stolen back in April, according to The Mobile Report. The leaked database was posted to a cybercriminal forum and titled “T-Mobile, Connectivity Source.” Connectivity Source is a third-party retailer of T-Mobile service. The Mobile Report said multiple databases were accessed back in April and became available only yesterday, so the amount of exposed data could rise.

It was originally reported that T-Mobile had experienced a data breach that exposed 90GB of employee data including names, employee IDs, job titles, email addresses, employee log in information, region of employment and Social Security numbers, but T-Mobile denied this claim in a statement.

“There has not been a T-Mobile data breach,” a T-Mobile spokesperson told Cord Cutters News. “The data being referred to online is believed to be related to an independently owned authorized retailer from their incident earlier this year.  T-Mobile employee data was not exposed.”

The possibility of a security incident was first reported by Twitter user, vx-underground.

“T-Mobile has been breached (again),” vx-underground tweeted. “Data has been exfiltrated and it is being shared online (again).”

This incident comes hot on the heels of T-Mobile customers reporting a glitch that allowed them to see other users’ account data. T-Mobile fixed the issue and said it wasn’t the result of an outside attack.

In May, T-Mobile disclosed that 836 customers were affected in a security breach. The carrier said its systems had detected that a bad actor had accessed limited information from a small number of T-Mobile accounts. While account PINs were compromised, T-Mobile said account information and call records were not affected. The company reset account PINs and offered free credit monitoring and identity theft detection via Transunion myTrueIdentity for the next two years.

In January, T-Mobile said “a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces” and that the breach had been ongoing since late November 2022. T-Mobile recommended that customers review their account information, update their PINs, change passwords, and monitor all account activity, including their credit reports. The company advises setting up fraud alerts with all three major credit bureaus and placing a freeze on their credit file.

This article was updated to reflect the information in T-Mobile’s statement.

Disclaimer: To address the growing use of ad blockers we now use affiliate links to sites like http://Amazon.com, streaming services, and others. Affiliate links help sites like Cord Cutters News, stay open. Affiliate links cost you nothing but help me support my family. We do not allow paid reviews on this site. As an Amazon Associate I earn from qualifying purchases.

Subscribe to Our Newsletter

* indicates required

Please select all the ways you would like to hear from :

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices here.