PowerKee’s Bastion of Privacy #37 — T-Mobile hacked again as hackers put customers’ data up for sale on the darknet.
A hacker in an “underground forum” has stolen the data of over 100 million T-Mobile users. In a sales advert, the hacker has put some of the data up for sale at a price of 6 BTC. According to the hacker, the stolen data includes “social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information” of T-Mobile users.
After a period of investigation by T-Mobile, the company has confirmed that it was hacked. However, it is uncertain whether personal customer data has been involved. It only knows that somebody gained unauthorized access to the company’s servers.
In the latest Bastion of Privacy, we highlight the challenges faced by T-Mobile and its users over recent months. We consider the possible outcomes for the users whose data may have been stolen.
A challenging year for T-Mobile
Since the beginning of 2021, T-Mobile has been entangled in a couple of data security issues. On February 8th, the telecommunications giant was sued for negligence and failure to protect customer information. The particular case at the time involved a user who fell victim to a “SIM swap attack”, which led to the loss of about $450,000 in BTC.
A SIM swap attack involves a total takeover of a victim’s cell phone number which can provide access to multiple online accounts. Social media accounts and both brokerage accounts and exchanges may be accessed in the event that a mobile number is successfully breached.
On July 22nd, another similar case was filed against T-Mobile but at a bigger scale. $8.7 million was alleged to have been stolen as a result of a SIM swap attack and fingers were pointed at T-Mobile for enabling it by failing in its “responsibility to protect the personal and financial information of its customers”.
The unending cycle of hacks and fixes
In the latest T-Mobile fiasco, the thief is asking for 6 BTC in exchange for 30 million social security numbers and driver’s licenses and claims that the rest of the data is being sold privately across the darknet. Vulnerabilities like this are common on the mainstream internet and remain a major challenge with centralized servers.
One would expect that after previous experiences, an organization like T-Mobile would figure out ways to prevent a recurrence of data breach situations. However, in the case of large and centralized companies, it is always an uphill battle to effectively protect users’ data.
Changing the game in data security
Privacy-focused blockchain solutions like PowerKee are changing the game when it comes to protecting users’ data. In the T-Mobile attacks, over $9 million in cryptocurrency value was successfully breached. This could be even more in the fallout from the latest hack. However, this could have been easily prevented if users took measures to store and manage their value on a blockchain network like PowerKee.
PowerKee allows users to securely and privately manage their financial data. The native KEE tokens can be easily transferred across the network in a cost effective and seamless manner. After last week’s release of the PowerKee wallet solution, using the PowerKee network has never been easier.
About PowerKee
PowerKee is a cryptocurrency network that makes privacy easy. Users can transact cheaply and instantly while maintaining anonymity. The PowerKee protocol uses a mixture of zero-knowledge proofs and coin mixing to provide strong privacy assurances to its users.
