[ DONATE TO RMN ] [ View Thread ] [ Return to Main Page ] [ Read Prev Article ] [ Read Next Article ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

RMN is Reader Supported

Our Goal for
NOV 6 - DEC 5:
$1500

Powered by FundRazr

Click Widget
or Click Here to contribute.

Checks & Money Orders:

Raye Allan Smith
P.O. Box 95
Ashtabula, OH 44005


Users Online:
81

Who Founded RMNews?


Dewitt Jones' Video
"Celebrate What's Right
With The World"


"When the
Starships Fly!"

Listen at YouTube


The Theme for The Obergon Chronicles

Listen at YouTube


The Obergon Chronicles ebook


RUMOR MILL
NEWS RADIO


CGI ROOM
Common Ground
Independent Media


WHAT ARE
THE FACTIONS?


THE AMAZING
RAYELAN ALLAN


BIORHYTHMS

LOTTO PICKS

OTHER WAYS TO DONATE





RUMOR MILL NEWS AGENTS WHO'VE BEEN INTERVIEWED ON RUMOR MILL NEWS RADIO

______________

NOVEMBER 2008

Kevin Courtois - Kcbjedi
______________

Dr Robin Falkov

______________

Melinda Pillsbury Hr1

Melinda Pillsbury Hr2

______________

Daneen Peterson

______________

Daneen Peterson

______________

Disclosure Hr1

Disclosure Hr2
______________

Scribe
______________

in_PHI_nitti
______________

Jasmine Hr1
Jasmine Hr2
______________

Tom Chittum Hr1
Tom Chittum Hr2
______________

Kevin Courtois
______________

Dr Syberlux
______________

Gary Larrabee Hr1
Gary Larrabee Hr2
______________

Kevin Courtois
______________

Pravdaseeker Hr1
Pravdaseeker Hr2
______________

DECEMBER 2008

Tom Chittum
______________

Crystal River
______________

Stewart Swerdlow Hr1
Stewart Swerdlow Hr2
______________

Janet Swerdlow Hr1
Janet Swerdlow Hr2
______________

Dr. Robin Falkov Hr1
Dr. Robin Falkov Hr2
Dr. Robin Falkov Hr3

JANUARY 2009 ______________

Patriotlad
______________

Patriotlad
______________

Crystal River
______________

Patriotlad
______________

Dr. Robin Falcov
______________

Patriotlad

FEBRUARY 2009

Find UFOs, The Apocalypse, New World Order, Political Analysis,
Alternative Health, Armageddon, Conspiracies, Prophecies, Spirituality,
Home Schooling, Home Mortgages and more, in:

The Rumor Mill News Reading Room

40+ MILLION T-Mobile’s Customers’ Data Stolen; 5th Cyber Attack (at least) Since 2018

Posted By: RumorMail
Date: Friday, 20-Aug-2021 11:50:32
www.rumormill.news/180217

In Response To: Keep Your Data Private! NEW Utopia P2P Decentralized Network Alternative (RumorMail)

T-Mobile: >40 Million Customers’ Data Stolen

Attackers stole tens of millions of current, former or prospective customers’ personal data, the company confirmed. It’s providing 2 years of free ID protection.

T-Mobile has confirmed much of what a threat actor bragged about over the weekend: Personal details for tens of millions of current, former or prospective T-Mobile customers were stolen in a huge breach of its servers.

On Tuesday, it disclosed further details on the data breach in a post on its website, saying that the breach affects as many as 7.8 million postpaid subscribers, 850,000 prepaid customers and “just over” 40 million past or prospective customers who’ve applied for credit with T-Mobile.

Its investigation is ongoing, but so far, it doesn’t look like financial data, credit card information, debit or other payment information was in the stolen files, T-Mobile said. The wireless carrier said that it located and “immediately” closed the access point in its servers that it believes granted access to the attacker(s).

Forrester Analyst Allie Mellen told Threatpost on Wednesday that this attack wasn’t exactly rocket science. “According to the attackers, this was a configuration issue on an access point T-Mobile used for testing,” she said via email. “The configuration issue made this access point publicly available on the Internet. This was not a sophisticated attack; this was not a zero day. T-Mobile left a gate left wide open for attackers – and attackers just had to find the gate.”

At least according to what the purported thief told cybersecurity intelligence firm Cyble, the threat actor made off with a collection of databases that total about 106GB of data, including T-Mobile’s Oracle customer relationship management (CRM) database.

Compromised payment data may not have shown up in T-Mobile’s investigation, but personal information did: As of 01:54 Wednesday morning, T-Mobile had ascertained that the ripped-off data included customers’ first and last names, date of birth, Social Security numbers, and driver’s license/ID information “for a subset of current and former postpay customers and prospective T-Mobile customers.”

The telecommunications bigwig said that it first learned late last week about claims, posted to an underground forum, that threat actor(s) had stolen over 100 million customer records and were offering 30 million for sale for the surprisingly cheap cost of 6 bitcoin (~$270,000), or about 1 cent per record.

According to preliminary analysis, about 7.8 million current T-Mobile postpaid customer accounts’ information were in the stolen files, plus over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile.

Either the purported thief was lying about also getting at phone numbers, account numbers, security PINs, and passwords, or T-Mobile’s preliminary investigations haven’t yet revealed proof that they were. At any rate, the company said that none of those, nor financial information, were compromised in any of the purloined files of customers or prospective customers.

Over the weekend, the threat actor who was offering to sell the records on an underground forum told BleepingComputer and Motherboard that they’d also stolen physical addresses, unique IMEI numbers and IMSI numbers. The attacker told BleepingComputer that T-Mobile’s “entire IMEI history database going back to 2004 was stolen.” IMEI (International Mobile Equipment Identity) is a unique 15-digit code that precisely identifies a mobile device with the SIM card input, and an IMSI (International mobile subscriber identity) is a unique number that identifies every user of a cellular network.

No phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of the stolen records pertaining to customers or prospective customers, Not so for prepaid customers, though: There were, in fact, security PINs for 850,000 prepaid customers involved, T-Mobile said in its update: “At this time, we have also been able to confirm approximately 850,000 active T-Mobile prepaid customer names, phone numbers and account PINs were also exposed.”

It’s reset all the PINs on the prepaid accounts and plans to notify customers “right away,” the company said. No Metro by T-Mobile, former Sprint prepaid, or Boost customers had their names or PINs exposed.

Finally, information from inactive prepaid accounts was compromised through prepaid billing files. There were no customer financial information, credit card information, debit or other payment information or Social Security numbers contained in the inactive file.

Read More




If you enjoyed this article,
Please consider a monthly subscription to Rumor Mill News!!


RMN is an RA production.

Articles In This Thread

The only pay your RMN moderators receive
comes from ads.
Please consider putting RMN in
your ad blocker's whitelist.

Serving Truth and Freedom
Worldwide since 1996
 
Politically Incorrect News
Stranger than Fiction
Usually True!


Powered
by FundRazr
Click Widget
or Click Here to contribute.


Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents

Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents



[ DONATE TO RMN ] [ View Thread ] [ Return to Main Page ] [ Read Prev Article ] [ Read Next Article ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

The Rumor Mill News Reading Room is maintained by Forum Admin with WebBBS 5.12.