T-Mobile denies that its systems have been compromised, says no customer data has been stolen

4comments
T-Mobile denies that its systems have been compromised, says no customer data has been stolen
T-Mobile told Beeping Computer that it was not hacked nor was any source code stolen even though stolen data from the wireless provider had been offered for sale by a "threat actor." In a statement, the nation's second-largest wireless provider said, "T-Mobile systems have not been compromised. We are actively investigating a claim of an issue at a third-party service provider. We have no indication that T-Mobile customer data or source code was included and can confirm that the bad actor's claim that T-Mobile's infrastructure was accessed is false."

The "threat actor," who is known as IntelBroker and is said to be connected to several data breaches, claims that he was responsible for a data breach attack against T-Mobile that he said took place this month and resulted in stolen source code. To prove that the data he obtained was legitimate and from a recent breach, IntelBroker published several screenshots that revealed access with administrative privileges to a Confluence server and the company's internal Slack channels for developers.

It's possible that Common Vulnerabilities and Exposures (CVE) listing CVE-2024-1597 was exploited to obtain the data since this vulnerability affects Confluence Data Center and Server and according to Bleeping Computer, has a severity score of 9.8 out of 10. But at this point, it is not clear whether the aforementioned third-party vendor was breached using this vulnerability.

The data that IntelBroker says that he is selling includes "Source code, SQL files, Images, Terraform data, t-mobile.com certifications, Siloprograms." A source told Bleeping Computer that the data being sold "is actually older screenshots of T-Mobile's infrastructure posted to a third-party vendor's servers, where it was stolen." This would dovetail with T-Mobile's statement that it is "actively investigating a claim of an issue at a third-party service provider."

T-Mobile has had to deal with some data breaches over the last few years. The personal data belonging to 37 million T-Mobile customers was stolen by hackers in January 2023. Four months later, the carrier said that the personal data belonging to hundreds of customers was exposed to unknown attackers for more than a month starting in February of 2023. By the  fourth quarter of last year, T-Mobile delivered wireless service to a total of 119 million subscribers.

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless