In T-Mobile’s defense, the carrier cannot be blamed for the latest breach. Apparently, a third-party retailer called Connectivity Source had more than 90GB of its data leaked and put on the hacking forum BreachForums. Connectivity Source is one of the largest T-Mobile authorized retailers, with hundreds of stores across the United States.
T-Mobile has been breached (again). Data has been exfiltrated and it is being shared online (again)
This is T-Mobile’s 8th breach since 2018
This is the 3rd breach this year
This breach is 90GB of exfiltrated employee PII. This is the 2nd time T-Mobile employee PII was leaked
— vx-underground (@vxunderground) September 22, 2023
The original source of the leak said that the leaked information included employee information such as names, IDs, email addresses, login IDs, and Social Security Numbers. A second source said that the leaked data also includes sales data, support calls with T-Mobile customers, employee credentials, and unspecified customer data.
Connectivity Source had revealed in May that it suffered a breach in April and hackers walked away with data on current and former employees. It’s possible that the information that was stolen at that time has been put on the internet only now and the company has not been a victim of another attack.
In all, 17,835 current and previous employees were affected, so the breadth of the attack was not too large. Still, it’s not an insignificant number and the stolen data might prove to be very valuable for bad actors. That’s because it could be used to gain access to Connectivity Source’s internal systems or help hackers carry out SIM swap attacks.