Personal data from T-Mobile breach still spreading on dark web, state governments warn

Attorneys general from New York, California and multiple other states issued alerts to consumers about the August 2021 T-Mobile incident.
A T-Mobile retail store at the Pentagon Row shopping district in August 2021 in Arlington, Virginia. (Photo by Chip Somodevilla/Getty Images)

The top law enforcement officials from multiple states are alerting people affected by an August 2021 breach at T-Mobile that their personal data might be circulating in cybercrime forums online.

“Information stolen in a massive data breach has fallen into the wrong hands and is circulating on the dark web,” New York Attorney General Letitia James said Wednesday in a news release. Officials from California, Florida and several other states issued similar warnings.

The T-Mobile breach involved the data of tens of millions of current, former or prospective customers of the wireless company. The stolen data is attractive for identity theft and other financial crimes. The hacker who claimed responsibility for the breach told The Wall Street Journal in August that T-Mobile’s security was “awful.” Law enforcement agencies from multiple states are investigating the breach.

In some cases, the hacker accessed people’s names, dates of birth, Social Security numbers and driver’s license or ID numbers. The company also said technical data — including international mobile equipment identities (IMEIs) and international mobile subscriber identities — were also compromised. IMEIs, which are often used for advertising purposes, are a unique fingerprint for a device that cannot be reset.


The state attorneys general noted that identity protection services already have alerted many of the affected consumers about the dark web activity. Cybercrime forums have been under increased pressure by state, federal and international law enforcement agencies, but the buying and selling of people’s personal data is still an active criminal industry.

States are advising people to take the usual steps if they fear their personal or financial information has been misused: check credit reports; consider contacting the Equifax, Experian and TransUnion credit bureaus to place freezes on personal credit reports; and ask credit reporting services to provide fraud alerts.

The August incident was the fifth the company has suffered since 2018.

Latest Podcasts