T-Mobile confirms it was hacked after customer data posted online. So much for Linux security.

[bitcoins]

T-Mobile has confirmed “unauthorized access” to its systems,
days after a portion of customer data was listed for sale on a
known cybercriminal forum.

The U.S. cell giant, which last year completed a $26 billion
merger with Sprint, confirmed an intrusion but that it has “not
yet determined that there is any personal customer data
involved.” The company said that its investigation will “take
some time,” and no timeline was given.

“We are confident that the entry point used to gain access has
been closed, and we are continuing our deep technical review of
the situation across our systems to identify the nature of any
data that was illegally accessed,” the company said.

Vice reported this weekend that T-Mobile was investigating a
possible intrusion after a seller was claiming to be in
possession of millions of records. The seller told Vice that
they had 100 million records on T-Mobile customers, which
included customer account names, phone numbers, the IMEI numbers
of phones on the account, and Social Security number and
driver’s license information — details that the company often
collects to verify the identities of its customers.

Vice verified a sample of the records from the seller,
suggesting the data is in at least partially valid.

The forum post, which TechCrunch has seen, asks for 6 bitcoin,
or about $275,000, for a 30 million subset of customers’ data.
The data was allegedly obtained from a T-Mobile-run database
server that was connected to the internet, according to a
screenshot posted by Bleeping Computer, which also reported that
the seller has the IMEI database “going back to 2004.” IMEI and
ISMI numbers can be used to uniquely identify and locate a
cellphone user.

An earlier post seen by TechCrunch from the same seller and
using the same sample of data claimed to have 124 million
records, but still did not name T-Mobile as the source of the
data. The post was deleted in the past few days.

This is by our count the fifth time that T-Mobile was hacked in
recent years.

In January, T-Mobile said it had a data breach that saw
cybercriminals steal about 200,000 call records and other
subscriber data. Last year, T-Mobile had two incidents — it
admitted a breach on its email systems that saw hackers access
some T-Mobile employee email accounts and access customer data;
and a breach of a million prepaid customers’ personal and
billing information months later. In 2018, T-Mobile said as many
as two million customers may have had their personal information
scraped.

https://techcrunch.com/2021/08/16/t-mobile-confirms-it-was-
hacked-after-customer-data-posted-online/

[Joerg Lorenz]

Am 17.08.21 um 14:17 schrieb bitcoins:

> T-Mobile has confirmed “unauthorized access” to its systems,
> days after a portion of customer data was listed for sale on a
> known cybercriminal forum.

You are out.

Injection-Info: neodome.net

Comments: This message did not originate from the Sender address above.
It was remailed automatically by anonymizing remailer software.
Please report problems or inappropriate use to the
remailer administrator at <ab...@dizum.com>.
Comments: This message was transferred to Usenet via mail2news gateway at
<mail...@neodome.net>. Please send questions and concerns to
<ad...@neodome.net>. Report inappropriate use to <ab...@neodome.net>.


--
De gustibus non est disputandum

[sms]

On 8/17/2021 5:17 AM, bitcoins wrote:
> T-Mobile has confirmed “unauthorized access” to its systems,
> days after a portion of customer data was listed for sale on a
> known cybercriminal forum.

They also had data breaches in 2018 and 2019.

"This is the third time in recent years that a data breach has hit the
wireless carrier. In 2018, T-Mobile revealed a breach that potentially
exposed information such as customers' email addresses and phone numbers.

One year later, the carrier disclosed a "criminal hack" of customer
data, exposing personal information such as names, billing addresses,
phone numbers, account numbers and wireless plans."

<https://www.usatoday.com/story/tech/2021/08/16/t-mobile-investigating-alleged-data-breach-100-million-users/8150677002/>

[nospam]

In article <sfgmth$jhb$1...@dont-email.me>, sms
<scharf...@geemail.com> wrote:

> > T-Mobile has confirmed łunauthorized access˛ to its systems,

> > days after a portion of customer data was listed for sale on a
> > known cybercriminal forum.
>
> They also had data breaches in 2018 and 2019.

so has verizon. here's just a sampling:

<https://www.bankinfosecurity.com/verizon-breach-6-million-customer-acco
unts-exposed-a-10107>
Verizon has apologized after a contractor failed to secure a large
batch of customer information, leading to data relating to 6 million
customers' accounts being exposed. But it's unclear if Verizon - the
largest wireless carrier in the United States - plans to notify
affected customers.

<https://www.foxnews.com/tech/verizon-data-breach-14-million-customers-r
eportedly-exposed>
łAs many as 14 million records˛ of Verizon customers were found
unsecured on an Amazon storage server controlled by Israeli-based
Nice Systems, according to ZDNet.com.

<https://krebsonsecurity.com/2016/03/crooks-steal-sell-verizon-enterpris
e-customer-data/>
Earlier this week, a prominent member of a closely guarded
underground cybercrime forum posted a new thread advertising the
sale of a database containing the contact information on some 1.5
million customers of Verizon Enterprise.

[Ant]

Basically, almost everyone is getting hacked. Has Apple been hacked?
--
Dang life, bugs (both digital and biological), issues, etc. 2021 is repeating 2020. :( Please get your vaccine shot(s) if you haven't done so! :)
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://aqfl.net & http://antfarm.home.dhs.org.
/ /\ /\ \ Please nuke ANT if replying by e-mail.
| |o o| |
\ _ /
( )

[nospam]

In article <9_Gdnanw3tfC2IH8...@earthlink.com>, Ant

<a...@zimage.comANT> wrote:

>
> Basically, almost everyone is getting hacked.

yep and it's only going to get worse.

the cost of good security is much higher than the cost of 'oops, we
screwed up, here's a year of credit protection'.

experian *made* money from their breach.

if it's cheaper to deal with a data breach than prevent it, never mind
profitable, then there isn't any motivation for good security.

> Has Apple been hacked?

yep.

[sms]

On 8/17/2021 4:25 PM, Ant wrote:

<snip>

> Basically, almost everyone is getting hacked.

True, but it's the scale of the latest T-Mobile hack that is so
staggering, between 36 million and 100 million customer records. "In the
second quarter of 2021, T-Mobile provided a service for over a total of
104.79 million customers."

[nospam]

In article <sfht32$abo$1...@dont-email.me>, sms

<scharf...@geemail.com> wrote:

> > Basically, almost everyone is getting hacked.
>
> True, but it's the scale of the latest T-Mobile hack that is so
> staggering, between 36 million and 100 million customer records. "In the
> second quarter of 2021, T-Mobile provided a service for over a total of
> 104.79 million customers."

everyone's data is already out there courtesy of experian.

and let's not forget the yahoo breach, which verizon then bought.

[SilverSlimer]

All the more reason to subscribe to a decent security service in Windows
which includes monitoring of your personal information.

--
SilverSlimer
@silverslimer

[Carlos E.R.]

That will not help you at all.

--
Cheers, Carlos.

[Anonymous Remailer (austria)]

In article <sfht32$abo$1...@dont-email.me>

Not such a big deal. Verizon and AT&T give your information
away for free. They outsourced to India and the LBFMs. Can't
trust either of them.

[Nomen Nescio]

In article <cddeeb941c811dfa...@remailer.privacy.at>
"Anonymous Remailer (austria)" <mixm...@remailer.privacy.at>
wrote:

What is LBFMs?

[Anonymous Remailer (austria)]

In article <62f99142719a0156...@dizum.com>

You've never traveled aboard in Asia apparently.

L - ittle
B - rown
F - ucking
M - achine
s - more than one

[danny burstein]

[snip]

About ten hours ago T-Mobile SMS'ed me (and no doubt a gazillion
other folk) giving a heads up to the problem, and referring
people to the web page: t-mo.co/Protect . Note that's a "co"
as the top level domain.

It expands to: https://www.t-mobile.com/brand/data-breach-2021
(plus lots of tracking info garbage)


--
_____________________________________________________
Knowledge may be power, but communications is the key
dan...@panix.com
[to foil spammers, my address has been double rot-13 encoded]

[Bugsy]

bitcoins <inv...@dont-email.me> wrote:
> An earlier post seen by TechCrunch from the same seller and
> using the same sample of data claimed to have 124 million
> records

Has anyone been successful asking T-Mobile to remove your SSN?

How did you make that request?

Will T-Mobile honor that request to remove your SSN from their files?
--
Please wear your mask!
Bugs are everywhere. :)
!__!
(@)(@)
\.'||'./
-: :: :-
/'..''..'\

[nospam]

In article <sg0n06$27ntc$1...@paganini.bofh.team>, Bugsy

<bu...@zimage.comBUGSY> wrote:

>
> Has anyone been successful asking T-Mobile to remove your SSN?

there's no need to provide it.

[sms]

On 8/23/2021 10:47 AM, Bugsy wrote:
> bitcoins <inv...@dont-email.me> wrote:
>> An earlier post seen by TechCrunch from the same seller and
>> using the same sample of data claimed to have 124 million
>> records
>
> Has anyone been successful asking T-Mobile to remove your SSN?
>
> How did you make that request?
>
> Will T-Mobile honor that request to remove your SSN from their files?

There is no way to do that. Even if you close your account, the data
remains in their system.

If you're concerned about identity theft, freeze your credit. There is
no charge to do this and no need to pay for a service like LifeLock. See
<https://www.identitytheft.gov/#/CreditBureauContacts>. Before you apply
for any new credit you can unfreeze your credit.