T-Mobile says unauthorized access to its data occurred, not clear if customer info involved

Following a weekend report that its servers had been breached, T-Mobile said Monday that unauthorized access to some of its data occurred, but it had not yet determined whether personal customer data was involved.

“We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed,” the company said in a news release. “This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment we cannot confirm the reported number of records affected or the validity of statements made by others.”

Motherboard reported on Sunday that a post on an underground forum claimed to be selling data stolen from T-Mobile’s servers, and that the seller of the data said it included Social Security numbers, names, addresses, and driver’s license information related to more than 100 million people.

T-Mobile said Monday that it was investigating the claims, “conducting an extensive analysis alongside digital forensic experts to understand the validity of these claims, and we are coordinating with law enforcement.” The statement added that T-Mobile would communicate with customers once the company had a clearer understanding of what happened.

T-Mobile has been the target of several data breaches in the last few years, most recently in December 2020. During that incident, call-related information and phone numbers for some of its customers may have been exposed, but the company said at the time that it did not include more sensitive info such as names or Social Security numbers.

https://www.theverge.com/2021/8/16/22627641/t-mobile-data-breach-unauthorized-access-servers-customer-info