T-Cellular has denied struggling one other information breach following Thursday evening reviews {that a} menace actor leaked a big database allegedly containing T-Cellular staff’ information.
The cell service advised BleepingComputer that the leaked information is believed to belong to a licensed retailer, which was breached earlier this 12 months.
“There has not been a T-Cellular information breach. The information being referred to on-line is believed to be associated to an independently owned licensed retailer from their incident earlier this 12 months. T-Cellular worker information was not uncovered,” T-Cellular advised BleepingComputer.
Final evening, somebody underneath the alias ’emo’ shared an 89 GB ZIP archive allegedly containing T-Cellular information on the BreachForums hacking discussion board free of charge.
Whereas emo states within the put up title that the breach is expounded to T-Cellular and Connectivity Supply (a third-party T-Cellular licensed retailer), the put up signifies that it was stolen from the mobile firm.
“In April 2023 T-Cellular suffered a knowledge breach exposing gross sales information/ analytics, T-Cellular assist calls with prospects, worker credentials, partial SSNs, electronic mail addresses and buyer information,” reads the discussion board put up.
Supply: BleepingComputer
The archive posted to the hacking discussion board comprises a considerable amount of information, together with worker IDs, employment standing, rent dates, termination dates, rehire dates, job titles, division, names, final 4 digits of social safety quantity, and electronic mail addresses.
The information additionally seems to include details about buyer orders and their plans.
Malware repository VX-Underground was first to share data on the info leak in tweets [1, 2] describing it as being the results of a T-Cellular breach.
“T-Cellular has been breached (once more). Knowledge has been exfiltrated and it’s being shared on-line (once more) That is T-Cellular’s eighth breach since 2018,” reads tweets from VX-Underground.
As T-Cellular is understood within the cybersecurity neighborhood for its repeated information breaches, struggling 9 since 2018, with two already in 2023, it was straightforward to imagine that it suffered one other.
Probably linked to Connectivity Supply breach
Nevertheless, this information breach is believed to be associated to Amtel, LLC, a licensed T-Cellular retailer doing enterprise because the Connectivity Supply model, who warned of a breach earlier this 12 months.
In Might 2023, Amtel warned that they suffered a knowledge breach on April nineteenth that allowed the attackers to steal information for present or former staff of the corporate.
“On April 19, 2023, Amtel was notified of suspicious exercise in its community setting. Upon discovery of this incident, Amtel promptly engaged a specialised cybersecurity agency to safe its setting and to find out the character and scope of the incident,” reads the Amtel/Connectivity Supply information breach notification.
“Whereas the investigation is ongoing, Amtel decided the incident concerned restricted personally identifiable data (“PII”) the identical day.”
Whereas it has not been confirmed if the info launched on BreachForums is similar information breach disclosed by Amtel, the dates align, making it extremely probably.
BleepingComputer contacted Connectivity Supply in regards to the publishing of its stolen information final evening however didn’t obtain a response to our electronic mail.
The excellent news is that this information doesn’t include buyer information, and Amtel claims that solely 17,835 present and former staff have been impacted by the breach.
Nevertheless, this information remains to be helpful for menace actors, who may ship focused phishing emails to Connectivity Supply staff to realize entry to assist methods or carry out SIM Swapping assaults.
Due to this fact, all Connectivity Supply staff ought to be looking out for suspicious emails and make sure that they’re authentic earlier than performing upon any of them.
