In defense of T-Mobile, the recent breach cannot be attributed to the carrier. It appears that a third-party retailer known as Connectivity Source had a data leak of over 90GB, which ended up on the hacking forum BreachForums. Connectivity Source is a prominent T-Mobile authorized retailer with numerous stores throughout the United States.
T-Mobile has been breached (again). Data has been exfiltrated and it is being shared online (again)
This is T-Mobile’s 8th breach since 2018
This is the 3rd breach this year
This breach is 90GB of exfiltrated employee PII. This is the 2nd time T-Mobile employee PII was leaked
There has not been a T-Mobile data breach. The data being referred to online is believed to be related to an independently owned authorized retailer from their incident earlier this year. T-Mobile employee data was not exposed.” – T-Mobile
The leak’s original source mentioned that the exposed information includes employee details such as names, IDs, email addresses, login IDs, and Social Security Numbers. Another source disclosed that the leaked data also encompasses sales data, support calls with T-Mobile customers, employee credentials, and unspecified customer data.
In May, Connectivity Source had reported a breach in April, where hackers obtained data on both current and former employees. It is possible that the stolen information from that incident has only recently been made available on the internet and that the company did not suffer a subsequent attack.
In total, 17,835 current and former employees were affected, which indicates a considerable breach. The stolen data could hold significant value for malicious actors as it could facilitate access to Connectivity Source’s internal systems or aid in SIM swap attacks.