T-Mobile ‘Hackers Want BTC 6’ for Data, US Offers Dark Web USD 10M in Crypto (UPDATED)
The telecoms heavyweight T-Mobile appears to have suffered a data breach involving the personal and financial data of 100m users, with hackers ready to hawk out the data in exchange for bitcoin (BTC) – while the American State Department is planning to hand out crypto payments to a more benevolent type of Dark Web user.
(Updated on Tuesday at 6:48 UTC with T-Mobile's comment: updates in bold.)
Vice’s Motherboard media arm reported that T-Mobile had claimed the firm was “aware of claims made” on a web forum, where a hacker is reportedly asking for BTC 6 (around USD 284,000 at the time of writing) in return for a portion of the data haul (data on 30m users).
Data on the remaining 70m was already changing hands in “private” sales, the purported hacker claimed when approached by Motherboard – with the media outlet likely posing as an interested buyer.
The alleged hacker, in an “online chat,” told Motherboard that they thought T-Mobile “already found out” about the hack “because we lost access to the backdoored servers.” But the damage appears to have already been done, with the vendor claiming that they had already downloaded the data and “backed it up” in “multiple places.”
T-Mobile said in the article that it was “actively investigating” the validity of the alleged hackers’ claims. Cryptonews.com reached out to the company for comment.
T-Mobile spokesperson told Cryptonews.com the company has been "working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed," that it's conducting "an extensive analysis alongside digital forensic experts to understand the validity of these claims," and that it's coordinating with law enforcement.
They said that,
"We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed."
But they stressed that this investigation will take time, adding that they "cannot confirm the reported number of records affected or the validity of statements made by others" until this has been done.
Motherboard wrote that it had gained access to “samples of the data, and confirmed they contained accurate information on T-Mobile customers.” The would-be vendor stated that the data in question, “includes social security numbers, phone numbers, names, physical addresses, unique IMEI [International Mobile Equipment Identity] numbers and driver’s licenses information.”
The network has been dogged by data breaches in recent years, with breaches reported in 2018, 2019, 2020 and at the turn of this year. In March 2020, The Register reported that T-Mobile had explained how hackers broke into its employees’ email accounts before making off with customer account information in its “third security whoopsie in as many years.”
Data breaches are on the rise in almost all parts of the world this year, and much has been made of the role of crypto in the attacks. Ransomware raiders have demanded crypto payments in exchange for returning companies access to data they have been frozen out of, while other hackers have sought to auction off stolen data for crypto. This has led, in parliaments all over the world, to the vilification of the crypto world, with some calling tokens the tools of shadowy underworld villains.
But this kind of messaging has not always gone down well among younger, tech-savvy folk. And that, perhaps, is why the American State Department has decided to take another track altogether – by handing out crypto, sponsored by the Treasury’s coffers, to informants who tip it off on “state-based hackers.” And in a further surprise move, Uncle Sam wants to do the whole thing on the Dark Web.
CNN reported that as part of a campaign advertised at last week’s Black Hat security conference “informants” can “elect to receive payments in cryptocurrency and reach out to the US government with sensitive information through a secure portal on the Dark Web.”
On a page promoting the campaign, the State Department wrote that it has “set up a Dark Web (Tor-based) tips-reporting line to protect the safety and security of potential sources. Possible relocation and rewards payments by cryptocurrency may be available to eligible sources.”
The department advertised the fact that it would pay “up to USD 10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against US critical infrastructure.”
- T-Mobile Sued For “Allowing Hackers to Steal Crypto”