T-Cell has denied struggling one other knowledge breach following Thursday evening stories {that a} menace actor leaked a big database allegedly containing T-Cell workers’ knowledge.
The cellular service advised BleepingComputer that the leaked knowledge is believed to belong to a certified retailer, which was breached earlier this 12 months.
“There has not been a T-Cell knowledge breach. The info being referred to on-line is believed to be associated to an independently owned approved retailer from their incident earlier this 12 months. T-Cell worker knowledge was not uncovered,” T-Cell advised BleepingComputer.
Final evening, somebody below the alias ’emo’ shared an 89 GB ZIP archive allegedly containing T-Cell knowledge on the BreachForums hacking discussion board at no cost.
Whereas emo states within the put up title that the breach is expounded to T-Cell and Connectivity Supply (a third-party T-Cell approved retailer), the put up signifies that it was stolen from the mobile firm.
“In April 2023 T-Cell suffered an information breach exposing gross sales knowledge/ analytics, T-Cell assist calls with clients, worker credentials, partial SSNs, electronic mail addresses and buyer knowledge,” reads the discussion board put up.
Supply: BleepingComputer
The archive posted to the hacking discussion board comprises a considerable amount of knowledge, together with worker IDs, employment standing, rent dates, termination dates, rehire dates, job titles, division, names, final 4 digits of social safety quantity, and electronic mail addresses.
The info additionally seems to comprise details about buyer orders and their plans.
Malware repository VX-Underground was first to share data on the info leak in tweets [1, 2] describing it as being the results of a T-Cell breach.
“T-Cell has been breached (once more). Knowledge has been exfiltrated and it’s being shared on-line (once more) That is T-Cell’s eighth breach since 2018,” reads tweets from VX-Underground.
As T-Cell is thought within the cybersecurity neighborhood for its repeated knowledge breaches, struggling 9 since 2018, with two already in 2023, it was simple to imagine that it suffered one other.
Probably linked to Connectivity Supply breach
Nonetheless, this knowledge breach is believed to be associated to Amtel, LLC, a certified T-Cell retailer doing enterprise because the Connectivity Supply model, who warned of a breach earlier this 12 months.
In Might 2023, Amtel warned that they suffered an information breach on April nineteenth that allowed the attackers to steal knowledge for present or former workers of the corporate.
“On April 19, 2023, Amtel was notified of suspicious exercise in its community surroundings. Upon discovery of this incident, Amtel promptly engaged a specialised cybersecurity agency to safe its surroundings and to find out the character and scope of the incident,” reads the Amtel/Connectivity Supply knowledge breach notification.
“Whereas the investigation is ongoing, Amtel decided the incident concerned restricted personally identifiable data (“PII”) the identical day.”
Whereas it has not been confirmed if the info launched on BreachForums is similar knowledge breach disclosed by Amtel, the dates align, making it extremely seemingly.
BleepingComputer contacted Connectivity Supply in regards to the publishing of its stolen knowledge final evening however didn’t obtain a response to our electronic mail.
The excellent news is that this knowledge doesn’t comprise buyer knowledge, and Amtel claims that solely 17,835 present and former workers had been impacted by the breach.
Nonetheless, this knowledge remains to be precious for menace actors, who may ship focused phishing emails to Connectivity Supply workers to achieve entry to assist methods or carry out SIM Swapping assaults.
Due to this fact, all Connectivity Supply workers must be looking out for suspicious emails and ensure that they’re legit earlier than appearing upon any of them.