The American operator T-Mobile is investigating a possible hack of its servers. The perpetrator opens up with the data and would do so ‘to damage the US’.
The hacker unpacks on a forum with examples of the data. This concerns dates of birth, telephone numbers, but also driver’s license numbers, social security numbers, IMSI (a unique number for your identity on a network) and the IMEI numbers up to 2004 (the unique numbers of each telephone).
According to Motherboard, the perpetrator offers part of the data from 30 million customers for 6 bitcoins. They do not explicitly state that these are T-Mobile customers, but the operator’s name was mentioned to Motherboard.
The perpetrator gives more details to Bleepingcomputer. For example, two weeks ago, it was possible to access the operator’s servers, including an Oracle database server with customer data. Whether the data is real has not yet been confirmed. T-Mobile says it is investigating the claim.
However, in a conversation with security specialist Alon Gal, CTO of Hudson Ruck, it also sounds like there are more motives than money. In that message, the perpetrator says that with the hack, they want to harm the US for the kidnapping and torture of John Erin Binns by the CIA and Turkish intelligence services.