T-Mobile confirmed hackers gained access to the telecom giant's systems in an announcement published Monday.
The move comes after Motherboard reported that T-Mobile was investigating a post on an underground forum offering for sale Social Security Numbers and other private data. The forum post at the time didn't name T-Mobile, but the seller told Motherboard the data came from T-Mobile servers.
"We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved," T-Mobile wrote in its new announcement. "This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment we cannot confirm the reported number of records affected or the validity of statements made by others," the announcement added.
Do you work at T-Mobile and know anything else about this breach? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email firstname.lastname@example.org.
The seller told Motherboard that 100 million people had their data compromised in the breach. In the forum post, they were offering data on 30 million people for 6 bitcoin, or around $270,000.
They told Motherboard at the time that T-Mobile had seemingly kicked them out of the company's networks. T-Mobile's announcement corroborates that somewhat, saying, "We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed."
Motherboard has seen samples of the data, and confirmed they contained accurate information on T-Mobile customers. The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver license information, the seller said.
"We have been working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed. We take the protection of our customers very seriously and we are conducting an extensive analysis alongside digital forensic experts to understand the validity of these claims, and we are coordinating with law enforcement," T-Mobile's announcement added.
Subscribe to our cybersecurity podcast CYBER, here.