Back in August of 2021, T-Mobile suffered a massive data breach that saw the data of more than 54 million customers stolen. That might not be as big as some of the major leaks we’ve seen with LinkedIn and Facebook, but it’s still nothing to sneeze at. A data breach of that caliber doesn’t go unnoticed, and it hit the headlines last year hard.
Well, T-Mobile might have tried to buy that leaked data back
That takes us to today with new unsealed court documents from the Department of Justice (Via Engadget). These documents shed light on what T-Mobile is doing to prevent more data leaks. Firstly, it partnered with several companies to help improve its security. The company announced a multi-year partnership with a firm named Mandiant to help reinforce its cybersecurity. Also, T-Mobile partnered with an accounting agency named KPMG. These two companies are going to help keep T-Mobile users’ data safe. However, the details really get juicy when we factor in what T-Mobile did to get the stolen data back. Now, the company didn’t confirm this, but the evidence says a lot. Previously, a man named Diogo Santos Coelho was brought up on criminal charges. He owned and operated a site named RapidForum. This was a hotbed for hackers to buy and sell stolen data. It’s like a data black market. This is where the leaked data from T-Mobile might have ended up. Before the site was taken down, a user on the site who went by the nickname “SubVirt” unloaded a bunch of data from a company to sell around August 11th. The document refers to this company as “Company 3”. Though it doesn’t state that it’s T-Mobile, it’s referred to as a “major telecommunications company and wireless operator [that] provides services in the United States.” How many of those happened to have a massive data leak in August of 2021? Anyway, “Company 3” hired a third-party player to buy the data from SubVirt using Bitcoin. First, they paid $50,000 for a sample and then proceeded to pay another $150,000 for the entire lot. They bought the data under the condition that Subvirt deletes the data without selling it to other people. In a major scummy move, SubVirt didn’t delete the data and continued to try and sell the data. The data and it seemed that T-Mobile (allegedly) tried to buy back the stolen data from the thief. We don’t know if the data made it to other parties, but at least T-Mobile attempted to retrieve the lost data.