![]() We are confident that there is no ongoing risk to customer data from this breach.” But in a previous statement published in August, Mike Sievert, CEO of T-Mobile, said “Through our investigation into this incident, which has been supported by world-class security experts Mandiant from the very beginning, we now know how this bad actor illegally gained entry to our servers and we have closed those access points. The court documents do not name the third-party that bought the data, nor do they describe what sort of company it was. ![]() A day later, T-Mobile confirmed it had been breached. T-Mobile provided a statement at the time saying it was investigating the hack against its company. At the time Motherboard spoke to the person selling the data including SSNs and obtained samples of the data which confirmed the hacker had accurate information on T-Mobile customers. Motherboard first revealed news of the breach mentioned in the court document several days after the specific RaidForums threads mentioned. Image: Motherboard.Ĭompany 3, the unnamed telecommunications firm that hired this third-party, was T-Mobile, according to Motherboard’s review of the timeline and information included in the court records. The document says that “it appears the co-conspirators continued to attempt to sell the databases after the third-party’s purchase.”Ī screenshot of the court document. The purpose of the deletion would be that this undercover customer would be the only one with a copy of the stolen information, greatly limiting the chance of it leaking out further. That employee then purchased the entire database for around $150,000, with the caveat that SubVirt would delete their copy of the data, it adds. The document goes on to say that this company “hired a third-party to purchase exclusive access to the database to prevent it being sold to criminals.” An employee of this third party posed as a potential buyer and used the RaidForums’ administrator’s middleman service to buy a sample of the data for $50,000 in Bitcoin, the document reads. The document does not name the victim company, instead referring to it as Company 3, but says another post confirmed that the data belonging to “a major telecommunications company and wireless network operator that provides services in the United States. “On or about August 11, 2021, an individual using the moniker ‘SubVirt’ posted on the RaidForums website an offer to sell recently hacked data with the following title: ‘SELLING-124M-U-S-A-SSN-DOB-DL-database-freshly-breached.’” Later, Subvirt changed the thread title to “SELLING 30M SSN + DL + DOB database,” the document continues. ![]()
0 Comments
Leave a Reply. |