T-Mobile denies it was hacked, despite hacker claiming to have leaked company data
IntelBroker claimed to be selling T-Mobile's data online
Popular data leaker IntelBroker is selling a database allegedly belonging to the telecommunications giant T-Mobile, but the company has denied this is the case.
In a new post published on a dark web forum, IntelBroker said they were selling “Source code, SQL files, Images, Terraform data, t-mobile.com certifications, Siloprograms.”
They said the breach happened in June 2024, and shared screenshots showing access with admin privileges to a Confluence server, as well as screenshots depicting the company’s Slack channels for developers.
Old screenshots
We don’t know how big the database is, or how much money the threat actor is asking for. However, T-Mobile claims its infrastructure is intact, and is currently investigating the matter further.
"T-Mobile systems have not been compromised. We are actively investigating a claim of an issue at a third-party service provider," T-Mobile shared in a statement to BleepingComputer. "We have no indication that T-Mobile customer data or source code was included and can confirm that the bad actor's claim that T-Mobile's infrastructure was accessed is false."
A source told the publication that the screenshots are old, and were posted to a third-party vendor’s server. The name of the third party is known, but given the risk of other threat actors targeting it, will remain hidden for now.
IntelBroker has made quite a name for themselves, posting data belonging to many high-profile organizations on the dark web. Recently, the same threat actor offered AMD’s files for sale: "In June 2024, AMD, a large computing company suffered a data breach. Compromised data: Future AMD products, Spec sheets, employee databases, customer databases, property files, ROMs, source code, firmware and finances," the threat actor said in the post.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Other organizations hit by the same attacker include HPE, General Electric, Home Depot, Facebook Marketplace, and many others.
More from TechRadar Pro
- AMD investigating possible data breach after internal company data put up for sale online
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.