Categories: Security

Hacked T-Mobile Data ‘For Sale Online’

T-Mobile customer data stolen by hackers last month has already appeared online for sale, according to security researchers.

Trustev, an Irish security start-up, saw listings appear on Friday morning for data matching that from the T-Mobile hack, the firm told finance news publication VentureBeat, which published screen-shots of the data provided by Trustev.

Personal data

“Once fraudsters get their hands on data, they typically unload it very quickly,” Trustev reportedly said. The company said it can’t be certain the data originated from the hack, but it is “likely considering the type of data and timing”.

Security experts fear data thieves could use the information stolen from Experian to build detailed profiles on individuals, pieced together from multiple sources, including health data. The misuse of such profiles could go beyond identity theft to purposes such as blackmail, security researchers said.

The NHS is amongst the organisations that provide health data to private companies, including Experian. Such data doesn’t include patient names, but includes identifying information such as addresses that could be cross-referenced with other stolen data.

Experian hacked

T-Mobile reported last week that data including names, addresses, Social Security numbers and dates of birth on an estimated 15 million individuals applying for post-paid mobile services between 1 September, 2013 and 16 September, 2015, had been stolen by hackers from Experian, which T-Mobile uses to process customer applications. Only T-Mobile USA customers were affected, the company said.

Experian said it discovered the breach on 15 September, and said that no payment card information was involved.

The company said it is working with US and international law enforcement agencies on the matter and has taken “additional security steps” to help prevent future incidents. Experian said it has seen no evidence that the data has been used “inappropriately” but recommended those affected to enroll in the free identity resolution services it is offering.

“We are addressing this issue with strengthened IT security, and we are providing those affected by this theft with the assistance they need,” Experian said in a statement.

Data breaches are becoming increasingly commonplace, with the Information Commissioner’s Office (ICO) receiving on average two complaints each day related to the security of personal information in 2014, up 30 percent from the previous year, according to figures released last week.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

NHS Staff Say New Tech Will Treat Extra 18.6 Million Patients A Year

Research from Virgin Media O2 Business finds majority of NHS staff believe new tech will…

4 hours ago

Alphabet Q2 Beats Expectations, But Shares Dip

Despite share buyback and positive Q2 results, Alphabet's share price falls over YouTube slowdown and…

4 hours ago

Google Cancels Plan To Axe Third Party Cookies For Chrome Browser

Better switch to Firefox? After years of delays, Google performs u-turn and will no longer…

6 hours ago

Meta Releases Open Source Llama 3.1 AI Model

Release of latest AI model, Llama 405B, offers improved reasoning capabilities especially for math and…

7 hours ago

Microsoft Blames 2009 EU Agreement For World’s Biggest IT Outage

Redmond says EU deal gave CrowdStrike the keys to the Windows kernel, allowing last week's…

10 hours ago