T-Mobile tried to buy stolen customer data back, but failed – TechRadar

t-mobile-tried-to-buy-stolen-customer-data-back,-but-failed-–-techradar

As you may know that someone could be secretly watching you or your child with your webcam right now? Is it worth taking such a risk? camDown can help stop them!

Renovated Headquarters



(Image credit: T-Mobile)

After falling victim to a data breach last year, the US telecom T-Mobile hired a third-party which tried to buy back the company’s stolen data before it could be widely distributed online.

As reported by Motherboard, the plan was ultimately unsuccessful as the cybercriminals responsible continued to sell the company’s data on an online hacking forum despite being paid a total of $200k to delete their copy.

The news outlet only recently learned that a third-party hired by T-Mobile tried to buy back the telecom’s stolen customer data following the Department of Justice unsealing an indictment against Diogo Santos Coelho who is allegedly the administrator of the notorious hacking site RaidForums.

While Coelho was arrested in the UK back in March of this year, an affidavit regarding his extradition to the US contained new information on the T-Mobile data breach though the company was not named outright.

Purchasing stolen data from cybercriminals

According to the affidavit, a RaidForums’ user going by the handle “SubVirt” made the original post on the site offering to sell a stolen database containing the social security numbers, dates of birth, driver’s licenses and other sensitive information of 124m T-Mobile customers.

An employee of the third-party hired by T-Mobile responded to the post and bought a sample of the data in the database for $50k in Bitcoin. After reviewing the sample, they then went on to purchase the entire database for around $150k on the condition that SubVirt would delete their copy of the data. This would limit T-Mobile’s customer data from ending up in the hands of other cybercriminals that could use it to commit fraud, identity theft, phishing attacks and other cybercrimes.

After being paid $200k for the database, SubVirt and the other hackers behind the breach continued to try and sell the company’s stolen customer data on RaidForums. While the court documents don’t name the third-party hired by T-Mobile, in a statement back in August, the company’s CEO Mike Sievert explained that its investigation into the breach had been “supported by world-class security experts Mandiant from the very beginning”.

Paying cybercriminals is not out of the ordinary and it routinely occurs when organizations fall victim to ransomware attacks. Just like in this case though, cybercriminals may not keep up their end of the bargain which is why the FBI and other law enforcement agencies say to never pay a ransom.

  • Avoid falling victim to fraud and other cybercrime with the best identity theft protection

Via Vice

Anthony Spadafora

After getting his start at ITProPortal while living in South Korea, Anthony now writes about cybersecurity, web hosting, cloud services, VPNs and software for TechRadar Pro. In addition to writing the news, he also edits and uploads reviews and features and tests numerous VPNs from his home in Houston, Texas. Recently, Anthony has taken a closer look at standing desks, office chairs and all sorts of other work from home essentials. When not working, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

You know, I just wanted to mention that camDown has a modern UI, that is secure and has the improved features that you need and I believe your family would say the same!