T-Cellular has denied struggling one other data breach following Thursday evening experiences {that a} risk actor leaked a big database allegedly containing T-Cellular workers’ information.
The cell service informed BleepingComputer that the leaked information is believed to belong to a licensed retailer, which was breached earlier this 12 months.
“There has not been a T-Cellular data breach. The information being referred to on-line is believed to be associated to an independently owned licensed retailer from their incident earlier this 12 months. T-Cellular worker information was not uncovered,” T-Cellular informed BleepingComputer.
Final evening, somebody underneath the alias ’emo’ shared an 89 GB ZIP archive allegedly containing T-Cellular information on the BreachForums hacking discussion board at no cost.
Whereas emo states within the publish title that the breach is expounded to T-Cellular and Connectivity Supply (a third-party T-Cellular licensed retailer), the publish signifies that it was stolen from the mobile firm.
“In April 2023 T-Cellular suffered a data breach exposing gross sales information/ analytics, T-Cellular assist calls with prospects, worker credentials, partial SSNs, e-mail addresses and buyer information,” reads the discussion board publish.
Supply: BleepingComputer
The archive posted to the hacking discussion board accommodates a considerable amount of information, together with worker IDs, employment standing, rent dates, termination dates, rehire dates, job titles, division, names, final 4 digits of social security quantity, and e-mail addresses.
The information additionally seems to include details about buyer orders and their plans.
Malware repository VX-Underground was first to share data on the information leak in tweets [1, 2] describing it as being the results of a T-Cellular breach.
“T-Cellular has been breached (once more). Data has been exfiltrated and it’s being shared on-line (once more) That is T-Cellular’s eighth breach since 2018,” reads tweets from VX-Underground.
As T-Cellular is thought within the cybersecurity group for its repeated data breaches, struggling 9 since 2018, with two already in 2023, it was simple to imagine that it suffered one other.
Possible linked to Connectivity Supply breach
Nevertheless, this data breach is believed to be associated to Amtel, LLC, a licensed T-Cellular retailer doing enterprise because the Connectivity Supply model, who warned of a breach earlier this 12 months.
In Could 2023, Amtel warned that they suffered a data breach on April nineteenth that allowed the attackers to steal information for present or former workers of the corporate.
“On April 19, 2023, Amtel was notified of suspicious exercise in its community setting. Upon discovery of this incident, Amtel promptly engaged a specialised cybersecurity agency to safe its setting and to find out the character and scope of the incident,” reads the Amtel/Connectivity Supply data breach notification.
“Whereas the investigation is ongoing, Amtel decided the incident concerned restricted personally identifiable data (“PII”) the identical day.”
Whereas it has not been confirmed if the information launched on BreachForums is identical data breach disclosed by Amtel, the dates align, making it extremely doubtless.
BleepingComputer contacted Connectivity Supply concerning the publishing of its stolen information final evening however didn’t obtain a response to our e-mail.
The excellent news is that this information doesn’t include buyer information, and Amtel claims that solely 17,835 present and former workers had been impacted by the breach.
Nevertheless, this information remains to be useful for risk actors, who may ship focused phishing emails to Connectivity Supply workers to realize entry to assist techniques or carry out SIM Swapping assaults.
Subsequently, all Connectivity Supply workers needs to be looking out for suspicious emails and ensure that they’re legit earlier than appearing upon any of them.
