T-Mobile Investigating Data Breach Claims
Wireless phone giant T-Mobile said today it is investigating claims that hackers have broken in and stolen customer data and company proprietary information.
On Saturday, June 6, someone anonymously posted to the Full Disclosure security mailing list claims that a broad range of internal T-Mobile data had been compromised and was being put up for sale to the highest bidder.
"We have everything, their databases, confidental [sic] documents, scripts and programs from their servers, financial documents up to 2009. We already contacted with their competitors and they didn't show interest in buying their data - probably because the mails got to the wrong people - so now we are offering them for the highest bidder."
In a statement e-mailed to Security Fix, T-Mobile said it was investigating the claims.
"The protection of our customers' information, and the safety and security of our systems, is absolutely paramount at T-Mobile," the company said. "Regarding the recent claim, we are fully investigating the matter. As is our standard practice, if there is any evidence that customer information has been compromised, we would inform those affected as soon as possible."
The posting on Full Disclosure also includes a long list of what appear to be individual databases, including file names such as "Campaign Management System," "Prod Billing Enable," "Prod Billing Customer Profile," and "Prod Infra Netbackup 34 Backup/Archive server," to name a few.
A number of news outlets are starting to pick up on this claim, but I would take it with a grain of salt until more evidence of a compromise surfaces. The Full Disclosure mailing list often contains some real gems of timely information, but the list also is known to have a rather low signal-to-noise ratio (a few of my sources derisively refer to the list as "FuD," for the acronym fear, uncertainty and doubt).
Update, 10:32 p.m. ET: T-Mobile has issued a clarification to its earlier statement that downplays the threat, suggesting the perpetrators may have merely copied a list of files from a document. No doubt this will put pressure on the group or individual who launched this fiasco to publish additional data to prove that a compromise of some kind occurred. T-Mobile's updated statement reads: "Regarding the recent claim on a Web site, we've identified the document from which information was copied, and believe possession of this alone is not enough to cause harm to our customers. We continue to investigate the matter, and have taken additional precautionary measures to further ensure our customers' information and our systems are protected. At this moment, we are unable to disclose additional information in order to protect the integrity of the investigation, but customers can be assured if there is any evidence that customer information has been compromised, we would inform those affected as quickly as possible."
Posted by: Garak | June 9, 2009 8:08 AM | Report abuse
Posted by: anthonymfreed | June 9, 2009 9:25 AM | Report abuse
Posted by: tlsfromthepnw | June 10, 2009 1:46 PM | Report abuse
The comments to this entry are closed.