T-Cell stated on Monday that hackers breached its inner servers and that firm investigators are within the strategy of figuring out if the incident includes the theft of delicate buyer knowledge.
“Now we have decided that unauthorized entry to some T-Cell knowledge occurred, nonetheless we have now not but decided that there’s any private buyer knowledge concerned,” the corporate stated in a press release. “Now we have been working across the clock to research claims being made that T-Cell knowledge could have been illegally accessed.”
The assertion got here a day after Motherboard reported {that a} discussion board put up was promoting an enormous trove of information on the market. The put up didn’t point out T-Cell, however the vendor advised the publication that knowledge associated to greater than 100 million individuals and that it got here from T-Cell servers.
The vendor reportedly stated that the information included social safety numbers, cellphone numbers, names, bodily addresses, distinctive IMEI numbers, and driver license numbers. Motherboard confirmed that samples of information made out there by the vendor “contained correct data on T-Cell clients.”
Ars has been unable to substantiate the authenticity of the claims made by the one that printed the put up and spoke to Motherboard.
By some counts, T-Cell has skilled as many as six separate knowledge breaches lately. They embody a hack in 2018 that gave unauthorized access to buyer names, billing ZIP codes, cellphone numbers, e-mail addresses, and account numbers. In a breach from last year, hackers absconded with knowledge together with buyer names and addresses, cellphone numbers, account numbers, fee plans and options, and billing data.
In accordance with reporting by journalist Jeremy Kirk, the particular person chargeable for the newest T-Cell hack claimed that they obtained unauthorized entry by exploiting a misconfigured GPRS gateway, which carriers use in 2G or 3G mobile communications.
The one who claims to have compromised T-Cell says the corporate misconfigured a gateway GPRS help node that was apparently used for testing. It was uncovered to the web. That allowed the particular person to finally pivot to the LAN. Proof screenshot equipped. pic.twitter.com/tBMvRBmG0r
— Jeremy Kirk (@Jeremy_Kirk) August 16, 2021
If claims that knowledge for 100 million individuals have been hacked show to be true, this newest breach will likely be among the many largest provider knowledge breaches ever.
