The US Federal Communications Commission (FCC) said late
Wednesday it will investigate a data breach disclosed by T-Mobile US impacting
more than 47 million current, former, and prospective customers.
The third-largest US wireless carrier said personal data,
including social security numbers and driver's license information, of more
than 40 million former and prospective customers was stolen along with data
from 7.8 million existing T-Mobile wireless customers.
Dates of birth, first, and last names were also stolen, the
telecom services provider said, adding there was no indication their financial
details had been compromised.
"Telecommunications companies have a duty to protect
their customers' information. The FCC is aware of reports of a data breach
affecting T-Mobile customers and we are investigating," an FCC
spokesperson told Reuters.
The company, which had 104.8 million customers as of June,
acknowledged the data breach on Sunday after US-based digital media outlet Vice
reported that a seller had posted on an underground forum offering private
data, including social security numbers from a breach at T-Mobile servers.
T-Mobile also said approximately 850,000 active T-Mobile
prepaid customer names, phone numbers, and account PINs were also exposed.
In 2015, AT&T agreed to pay a $25 million fine to
resolve an FCC investigation into consumer privacy violations at AT&T's call
centers.
Vice said the seller claimed that 100 million people had
their data compromised in the breach. The seller was offering data on 30
million people for 6 Bitcoin, or around $270,000.
Reports later suggested that the asking price had slumped
and the entire data was being sold for just $200.
Reuters has not been able to check the veracity of the
forum's post.
T-Mobile's data breach is the latest high-profile
cyberattack as digital thieves take advantage of security weakened by
work-from-home policies due the COVID-19 pandemic.
Earlier this month, cryptocurrency platform Poly Network
lost $610 million in a hack and later offered the hacker or hackers a $500,000 "bug
bounty".
© Reuters
0 comments:
Post a Comment