T-Mobile has denied reports of another data breach following claims that a threat actor leaked a substantial database supposedly containing T-Mobile employees' information. According to T-Mobile, the leaked data is believed to be connected to an authorized retailer that experienced a breach earlier in the year, emphasizing that there was no breach of T-Mobile employee data.
An individual using the alias 'emo' shared an 89 GB ZIP archive on the BreachForums hacking forum, claiming it contained T-Mobile data. While 'emo' initially stated that the breach was linked to T-Mobile and Connectivity Source (a third-party authorized retailer), the forum post suggests that the data was taken from T-Mobile's own systems.
According to the post, in April 2023, T-Mobile experienced a data breach that exposed various data, including sales data, analytics, customer support calls, employee credentials, partial social security numbers, email addresses, and customer information.
The archive posted on the hacking forum contains a wealth of data, including employee IDs, employment status, hiring and termination dates, job titles, departments, names, the last four digits of social security numbers, and email addresses. It also appears to contain information related to customer orders and their service plans.
It's worth noting that T-Mobile has a history of data breaches, with this potentially being the eighth breach since 2018, and the second one reported in 2023. Despite this history, T-Mobile maintains that the data in question originates from an earlier breach at an authorized retailer rather than a direct breach of its own systems.