Here are the details. A threat actor claimed to have made copies of databases that contained personal information belonging to more than 100 million of the company's customers.
The attacker is currently offering copies of the database for sale on the Dark Web for six bitcoin valued at approximately $280,000 USD at the time this article was written.
The database being offered contains useful information including:
The remaining records also contain personal information but the information is somewhat less comprehensive than the 30 million records mentioned above.
According to the attacker he was able to make off with their entire IMEI history database dating back to 2004. In all the attacker claims to have made off with more than 106 GB worth of data and is actively seeking buyers.
According to the hacker the attack against T-Mobile was launched as an act of revenge against the US for the apprehension of another hacker named John Erin Binns in Germany in 2019. How much of this claim is true is unknown at this time.
If you're a T-Mobile subscriber there is nothing for you to do at present except to be mindful that large amounts of data may have been stolen. Keep a watchful eye on your accounts in the event that your customer record was compromised.
We can expect the company to make an additional announcement as their investigation reaches its conclusion. For the moment just be mindful of it and be aware that no company is too big or too small to be a target of relentless hackers. Your company could be next.