![]() The document says: “it appears the co-conspirators continued to attempt to sell the databases after the third-party’s purchase.” The story goes that T-Mobile “hired a third-party to purchase exclusive access to the database to prevent it being sold to criminals.” Posing as a potential buyer, this third party went to RaidForums and purchased first a sample then the entire database for around $200,000, with the caveat that SubVirt would delete their copy of the data. The DoJ report, the release of which is how we know all this happened, says: “On or about August 11, 2021, an individual using the moniker ‘SubVirt’ posted on the RaidForums website an offer to sell recently hacked data with the following title: ‘SELLING-124M-U-S-A-SSN-DOB-DL-database-freshly-breached.’” Coelho was arrested in the UK in March and there is a request for his extradition to the US. Yesterday the US Department of Justice unsealed an indictment (as in made it public) against Diogo Santos Coelho, who it says is the administrator of the site, and announced they had taken over its domain. The data was apparently being sold on RaidForums, which seems to be some sort of online pirate’s bay where hackers and criminals meet to trade in such things as stolen data. Having had the personal data of 30 million customers hacked last year, T-Mobile used a third party to contact and pay the hackers a $200,000 to stop it leaking – however they just sold it anyway, according to Vice’s tech arm Motherboard. If you are a customer on Mint Mobile, T-Mobile, or Google Fi who experienced a similar situation around this data breach, please get in contact with 9to5Google.Following a hack last year, US operator T-Mobile apparently tried to buy back the stolen data, a move which backfired as the data remained on sale nonetheless. Mint Mobile has yet to publicly comment on these reports, and was unable to provide a statement for this story. ![]() Like Google Fi, Mint Mobile relies on T-Mobile for its network coverage. ![]() That breach was said to affect up to 37 million customers, but T-Mobile, and also Google, have said that personal data was not accessed. The other common thread is the timing, which was right in line with the larger T-Mobile data breach that the carrier disclosed on January 19. One common thread throughout these Mint Mobile stories as well as the Google Fi case was Coinbase, a crypto wallet app that was targeted as a part of the attack. Multiple reports also mentioned that rebooting their phone (and/or cycling data) restored access to their phone number, as the affected Google Fi customer also noted. This was possible because the customers themselves did not have access to their phone numbers, and the attackers could receive their SMS messages including two-factor authentication codes. One Mint customer claims to have lost $15,000 worth of cryptocurrency from the attacker. Some users noticed their phones lose cell connection followed by notifications that their email and/or Coinbase accounts had been compromised. While that user was able to regain control over their accounts before any damage could be done, some Mint Mobile customers were hit by the same sort of attack and some lost thousands of dollars as a result.Īt least five different Mint Mobile customers went to Reddit between late December and early January claiming that their phone numbers were briefly hijacked. The advanced attack was then confirmed by Google in an email to this affected customer, though it’s still unclear if anyone else on Google Fi had a similar experience.Īround the same time as that January 1 attack, though, several Mint Mobile customers saw a similar hijacking of their phone numbers for a brief period of time, but they weren’t so lucky as the Fi customer. As it turns out, the same thing also happened to several Mint Mobile customers who temporarily lost their phone numbers around the same time period.Įarlier this week we detailed the story of one Google Fi customer who saw their online accounts being hacked in real-time, only to find out the reason why was because their phone number had somehow been transferred to an attacker, sending their SMS messages to the attacker. ![]() Earlier this month T-Mobile disclosed a security breach that also affected Google Fi, and in the case of one customer it also seemed to lead to several hacked accounts and a hijacked phone number.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |