Private Data, IMEI or PIN: Everything That Has Been Stolen from a Big Operator


The massive theft of passwords, access credentials and private data is, unfortunately, the order of the day. Not a week goes by without news of one. These incidents usually involve a large company or service whose customer data has been leaked on the Internet or put up for sale on the Dark Web. No one seems able to rid themselves of this problem, which threatens many businesses. The latest to fall is a large operator from which the data of 100 million customers, such as addresses, IMEI or security PIN, has been leaked. This is everything the cybercriminals have stolen.

Most of these data thefts are made public on hacker forums, where the data is offered to the highest bidder. In this case, a dump of a database containing dates of birth, driver’s license numbers and social security numbers of 30 million people is being sold for 6 Bitcoin (about 241,500 euros). Although the listing does not explain where the data was obtained, BleepingComputer contacted the seller, who explained that it comes from a significant security breach in the servers of T-Mobile, one of the largest operators in the world.

Data from about 100 million T-Mobile customers

T-Mobile is currently investigating the claimed security breach, which is said to involve the data of about 100 million customers. The person responsible for hacking the servers claims that he was able to get into the operator’s production, development and pre-production servers two weeks ago, and even obtained an Oracle database with all the customer information.

This information would include those 100 million records, containing IMSI, IMEI, telephone number, customer name, security PIN, social security number, driver’s license number and date of birth. As we know, the IMEI (International Mobile Equipment Identity) identifies a mobile device on the network, while the IMSI (International Mobile Subscriber Identity) identifies a user on the mobile network.

To give credibility to his claim, the cybercriminal attached a screenshot of an SSH connection to the server running Oracle. And that would not be all: according to the security firm Cyble, this person would also have stolen several databases with a total of 106GB of customer data from this same operator.

By the looks of it, the choice of T-Mobile was not random: the attack was carried out to “retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by the CIA and Turkish intelligence agents in 2019”, in addition to “damaging US infrastructure.”