UPDATE: T-Mobile confirmed the breach, but hasn’t confirmed whether customer data was involved. The offer: 30m records for ~1 penny each, with the rest being sold privately.
A threat actor is selling what they claim to be 30 million T-Mobile customers’ Social Security and driver license numbers on an underground web forum. The collection is a subset of the purported 100 million records contained in stolen databases.
The seller also told Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, that this sucker-punch to US infrastructure was done in retaliation, as Gal tweeted on Sunday: “This breach was done to retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019,” the threat actor told Gal. “We did it to harm US infrastructure.”
I spoke to the hackers, they claim they did it to harm US infrastructure and to retaliate against alleged US actions. https://t.co/F7mcmrmgxn pic.twitter.com/0Kwn4Xl89D