T-Mobile investigates potentially massive breach of consumer data

It would be the fifth data breach the company has suffered since 2018.
T-Mobile in the Netherlands. (Photo by Niels Wenstedt/BSR Agency/Getty Images)

T-Mobile is investigating claims by a hacker that they have put sensitive information about more than 100 million of the company’s customers up for sale after breaching its servers.

T-Mobile confirmed on Monday that some of its data was accessed without authorization. The company says it has not determined if the data included personal information or the number of records affected.

“We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed,” the company said in a statement. “This investigation will take some time but we are working with the highest degree of urgency.”

T-Mobile said it is coordinating its investigation with law enforcement.


The data acquired by the hacker appears to include names, Social Security numbers, addresses, phone numbers and driver’s license information, Motherboard first reported. The sales ad for the data asks for roughly $278,781 worth of bitcoin in exchange for 30 million Social Security numbers and driver’s licenses from the data set.

T-Mobile has just over 100 million customers in the United States, meaning that the data set could cover a significant portion of its U.S. consumers.

The hacker selling the set told Motherboard that it retrieved the data from multiple T-Mobile servers that the company has since regained control over. Motherboard confirmed that samples of the data matched T-Mobile customers.

The breach would be the fifth the company has suffered in four years. T-Mobile disclosed a smaller breach of roughly 200,000 users in January that included phone numbers and some call-related information. No personal or financial information was exposed.

Updated 8/16/21: to include a response from T-Mobile

Tonya Riley

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.

Latest Podcasts