T-Mobile today confirmed that some of its data had been accessed without authorization in a breach that may impact more than 100 million of its users, reports Reuters.
Over the weekend, T-Mobile began investigating a forum post that offered data from more than 100 million people. T-Mobile was not mentioned in that post, but the person selling the data told Motherboard that it had come from T-Mobile’s servers, thus leading T-Mobile to look into it. The hacker who spoke to Motherboard claimed that several T-Mobile servers had been breached.
T-Mobile has now confirmed that there was indeed unauthorized access to some customer data, but T-Mobile does not yet know if personal customer data has been accessed.
According to the original forum post, the data for sale includes social security numbers, phone numbers, names, physical addresses, IMEI numbers, and driver licenses information.
Motherboard said that it was provided with some samples of data and was able to confirm that they contained accurate information on T-Mobile customers. At the time, T-Mobile said that it was aware of claims made and was “actively investigating their validity.”
T-Mobile should soon be following up with more information on what data was accessed in the breach.