Researchers at Motherboard discovered a threat actor claiming to be selling a portion of T-Mobile’s customer data, including information of approximately 100 million customers, for around $277,000. When initially coming across the post it was unclear which company the data belonged to. Through talks in a private chat, the threat actor revealed the data belonged to T-Mobile, and they claimed that they were able to acquire it by compromising multiple T-Mobile servers. “I think they already found out because we lost access to the backdoored servers,” said the unidentified threat actor, but they claim it will not affect their operation as they’ve already extracted the data and have it downloaded. They claim to have information such as social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver license information. T-Mobile has not officially confirmed the claims made by the supposed attacker, however they said “We are aware of claims made in an underground forum and have been actively investigating their validity.” We do not have any additional information to share at this time.” If a breach is confirmed, this will be the third time the company has been targeted since December 2020.