T-Mobile Experiences Major Security Breach Affecting Millions of Customers


T-Mobile experienced a major security breach on Wednesday that resulted in the personal information of more than 40 million current and possible customers, including first and last names, birth dates, Social Security numbers, and driver's license information, being shared online. The victims were people who applied for credit with the cell phone company, regardless of whether they used it, as well as nearly 7.8 million current postpaid plan users.

Authorities say the information has already been put up for auction in online forums, meaning it could eventually be used for fraudulent activity like identity theft and SIM swapping. "It's probably the biggest gift to SIM-swappers they've received in years," Allison Nixon, chief research officer at cyber services company Unit 221B, told The Wall Street Journal. "The typical life cycle of these databases is first they start off in the hands of the very few, but it will spread because people share data," she said. "All of these hacked databases eventually go public."

The stolen information comes at a high price: the listings are asking upwards of $80,000 or 6 bitcoin (which equaled around $270,000 at Wednesday's exchange rates), according to Gene Yoo, chief executive of Resecurity Inc., a cybersecurity company. The cell phone company launched a portal with information on the breach for its subscribers and began to notify its customers by text and email. T-Mobile chose not to go into detail about the information that was taken, but along with Social Security numbers and other personal information, the company revealed that the phone numbers and account PINs of possibly 850,000 of its customers on prepaid plans were made public. The Metro by T-Mobile, legacy Sprint and Boost Mobile brands were not part of that group.

This information could be dangerous in the wrong hands. "An attacker just needs to make calls to customer care with the leaked information," Ravishankar Borgaonkar, a senior research scientist at the Norwegian research institute Sintef, told the outlet, before adding that attackers usually spend hours or days searching several leaked databases to build profiles of their targets. "This database saves time."
