T-Mobile US Inc (TMUS.O) said Wednesday that an investigation into a data breach revealed that personal information, including social security numbers and driver’s license information, had been stolen from more than 40 million former and prospective customers.
The stolen files also contain data from 7.8 million existing T-Mobile wireless customers.
Birth dates, first and last names were also stolen, the telecom provider said, adding that there was no indication that their financial records had been compromised.
The company, which had 104.8 million customers in June, acknowledged the data breach on Sunday after US-based digital media outlet Vice first reported that a seller on an underground forum had put some private information up for sale, including social security numbers. of a breach of T-Mobile’s servers.
Vice said the seller claimed 100 million people had their data compromised by the breach. The seller offered data on 30 million people for 6 bitcoin, or about $270,000.
Later, reports suggested the asking price had fallen and the full data was selling for just $200.
Reuters was unable to verify the accuracy of the forum’s post.
T-Mobile’s data breach is the latest high-profile cyberattack in which digital thieves are taking advantage of security weakened by work-from-home policies due to the COVID-19 pandemic.
Earlier this month, the cryptocurrency platform Poly Network lost $610 million in a hack and later offered the hacker or hackers a “bug bounty” of $500,000.