Mobile phone service provider T-Mobile has been hit by a supposed hacker attack with customer details advertised for sale online.

An anonymous post to the Full Disclosure security mailing list, that was posted on Saturday 6th June, claimed that a broad range of internal T-Mobile data had been compromised and was being put up for sale to the highest bidder.


The post stated that ‘the US T-Mobile network predominately uses the GSM/GPRS/EDGE 1900 MHz frequency-band, making it the largest 1900 MHz network in the United States. Service is available in 98 of the 100 largest markets and 268 million potential customers.'


“Like Checkpoint T-Mobile has been owned for some time. We have everything, their databases, confidental [sic] documents, scripts and programs from their servers,
financial documents up to 2009.


“We already contacted with their competitors and they didn't show interest in buying their data -probably because the mails got to the wrong people- so now we are
offering them for the highest bidder. Please only serious offers, don't waste our time.”


Published by the Washington Post, in a statement emailed to Security Fix, T-Mobile said it was investigating the claims.


The company said: “The protection of our customers' information, and the safety and security of our systems, is absolutely paramount at T-Mobile. Regarding the recent claim, we are fully investigating the matter. As is our standard practice, if there is any evidence that customer information has been compromised, we would inform those affected as soon as possible.”


The Washington Post further claimed that T-Mobile issued a clarification to its earlier statement that downplays the threat, suggesting the perpetrators may have merely copied a list of files from a document.


T-Mobile's updated statement reads: “Regarding the recent claim on a website, we've identified the document from which information was copied, and believe possession of this alone is not enough to cause harm to our customers. We continue to investigate the matter, and have taken additional precautionary measures to further ensure our customers' information and our systems are protected.


“At this moment, we are unable to disclose additional information in order to protect the integrity of the investigation, but customers can be assured if there is any evidence that customer information has been compromised, we would inform those affected as quickly as possible.”


Amichai Shulman, CTO of Imperva, said: “My guess is that they have been able to get access to the list of servers but not much more. Telecom operators, with the massive amounts of data they store and collect, remain prime targets.


“Less than three years ago, T-Mobile's owner, Deutsche Telekom, experienced a breach losing 17 million records. The cumulative impact of these breaches will threaten not only T-Mobile's brand image, but could also impact any telecommunications provider unless the issue of data security is vigorously addressed.”