T-Mobile Denies Data Breach Allegations by Prominent Hacker

T-Mobile systems were not compromised, says the telecom giant.

T-Mobile reportedly confirms its systems were not compromised after a recent claim by a notorious hacker, IntelBroker, who said they were selling critical information and data from the telecommunications giant. T-Mobile is, however, investigating the matter.

IntelBroker stated that they were selling images, SQL files, certificates for t-mobile.com, silo programs, source code, and Terraform data in a recent post on a dark web forum.

Finnish Hacker Sentenced for Major Data Breach, Blackmail in Psychotherapy Center Case
A hacker from Finland was proven guilty of seeking a ransom from patients of a psychotheraphy center on top of hacking thousands of confidential data. Mika Baumeister from Unsplash

They released pictures demonstrating admin-level access to a Confluence server and the developer Slack channels the organization runs, claiming that the intrusion occurred in June 2024.

An insider informed the publication that the screenshots were uploaded to the server of a third-party vendor and are outdated. The third party's name is known, but it will stay secret for now because other threat actors may target it.

IntelBroker Breaks Into Apple

IntelBroker remains a well-known hacker as it continues to compromise with companies from various industries. The threat actor also released several datasets purportedly from Apple, including the source code for several internal tools the iPhone manufacturer uses.

A dark web forum post by IntelBroker states that source codes for AppleMacroPlugin, AppleConnect-SSO, and Apple-HWE-Confluence-Advanced were exposed in June 2024 as a result of a data breach that occurred on Apple.com, most likely at their hands.

Although Apple-HWE-Confluence-Advanced and AppleMacroPlugin are less recognized, AppleConnect-SSO is an authentication method that permits staff members to access particular apps on the Apple network. The company's Directory Services database is integrated with the system, guaranteeing safe access to internal resources.

IntelBroker's Background

Notably, the same hacker is said to have recently successfully hacked a Meta contractor, which exposed the data of 200,000 Facebook Marketplace users on a hacking site.

The stolen database allegedly held many individually identifiable information (PII) pieces, including names, phone numbers, email addresses, Facebook IDs, and profile details.

The hacked information allegedly made public on February 11 includes 24,127 email addresses among the other exposed data.

According to the threat actor, someone used the Discord username "algoatson" to break into the networks of a Meta contractor in October 2023 and steal this section of the Facebook Marketplace database.

Sources emphasize how crucial it was that IntelBroker hid the identity of the allegedly targeted contractor. Facebook claims that not all contractor businesses are in charge of managing Facebook Marketplace data. Rather, they employ a combination of external partnerships and internal teams, contingent upon the specific data aspect.

Other hacks, such as the December 2023 disclosure of sensitive US Department of Defense material, are also attributed to IntelBroker. The General Electric security breach that led to the November 2023 auction of DARPA-related network access is one of the previous breaches that IntelBroker has exploited. The threat actor was also involved in a Grocery Service hack in February 2023, compromising 1.1 million accounts.

Written by Aldohn Domingo
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics