Hackers claim to have stolen 64 million T-Mobile records containing highly sensitive data. The bad actors shared details from the wireless carrier on a popular leak forum, claiming that the 64 million lines of information it claims to have stolen are as recent as June 1st of this year.
Cybernews reports that it’s research team has investigated a sample of the data, and they say the sample was uploaded around 2 a.m. Eastern Time.
They say the sample included the following sensitive information:
- Full names
- Dates of birth
- Tax IDs
- Full addresses
- Phone numbers
- Email addresses
- Device IDs
- Cookie IDs
- IP addresses
That information could be used by the bad guys to commit identity theft, create fraudulent accounts, file fake tax returns, commit phishing attacks, and other criminal activity.
However, the researchers could not determine whether the 64 million lines that attackers claim they have stolen represent the same number of customers. Moreover, Cybernews says that at least some of the emails in the data sample were from previous T-Mobile breaches.
If the data in the leak is new, affected individuals face serious privacy issues.
“It’s not the first time T-Mobile has suffered from data breaches, and this raises concerns about persistent security gaps and the effectiveness of protection measures. If this data is legitimate, exposing 64M lines of highly sensitive information poses a serious threat of identity theft/fraud, surveillance, and further, better-targeted attacks on customers,” the research team said.
This is far from the first data breach T-Mobile and its customers have faced. In August 2021, a hacker who stole data from the carrier said the company’s security “is awful.” That data breach included the personal information of close to 50 million current, past, and potential customers.
In August 2024, The Committee on Foreign Investment in the US (CFIUS) hit T-Mobile with a $60M fine for failing to prevent unauthorized access to sensitive data and then failing to report a breach.
