A threat actor claims to have hacked T-Mobile’s servers and stolen databases containing the private information of roughly 100 million customers.
The alleged data breach first surfaced on a hacking forum yesterday after the threat actor claimed to be selling a database for six bitcoin (~$280K) containing birth dates, driver’s license numbers, and Social Security numbers for 30 million people.
While the forum post doesn’t state the origins of the data, the threat actor told BleepingComputer that they took it from T-Mobile in a massive server breach.
The threat actor claims to have hacked into T-Mobile’s production, staging, and development servers two weeks ago, including an Oracle database server containing customer data.
This stolen data allegedly contains the data for roughly 100 million T-Mobile customers and can include customers’ IMSI, IMEI, phone numbers, customer names, security PINs, Social Security numbers, driver’s license numbers, and date of birth.
“Their complete IMEI history database going back to 2004 was stolen,” the hacker told BleepingComputer.
An IMEI (International Mobile Equipment Identity) is a unique number used to identify mobile phones, while an IMSI (International Mobile Subscriber Identity) is a unique number associated with a user on a cellular network.
Cybersecurity intelligence firm Cyble told BleepingComputer yesterday that the threat actor claims to have stolen multiple databases totaling roughly 106GB of data, including T-Mobile’s customer relationship management (CRM) database.
Motherboard, who first reported on this breach, said they could confirm that data samples provided by the threat actor belonged to T-Mobile customers.
When asked if they tried to ransom the stolen data to T-Mobile, the threat actors said they never contacted the company and decided to sell it on forums where they already have buyers.
BleepingComputer has contacted T-Mobile but didn’t receive a response to our query at this time. However, Motherboard received a reply stating they’re investigating the alleged data breach.
“We’re aware of claims made in an underground forum and have been actively investigating their validity. We don’t have any additional information to share at this time,” T-Mobile told Motherboard.
T-Mobile hacked for revenge
The threat actors told Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, that they carried out this hack to damage US infrastructure.
“This breach was done to retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019,” the threat actors told Gal in a conversation.
“We did it to hurt US infrastructure.”
Binns is a resident of Turkey who sued the FBI, CIA, and Department of Justice in 2020.
The complaint alleges that Binns was tortured and harassed by the US and Turkish governments and is seeking to compel the United States to release documents regarding these activities under the Freedom of Information Act.