T-Mobile, one of the largest telecommunications corporations in the United States, has had their internal source code presumably up for sale on BreachForums, a renowned blackhat hacking crime forum.
The post was made by a user named IntelBroker, who claims to possess an extensive amount of sensitive company data.
IntelBroker, the perpetrator of the company data breach is also a moderator with a substantial reputation in the hacking community.
Among other confidential materials, the user claims to have obtained T-Mobile's internal source code, SQL files, images, Terraform data, certifications, and siloprograms.
The threat actor has announced on the forum that these data assets are currently available for purchase.
A sample file of the sensitive data was provided by the user to verify the authenticity of the breach.
Despite T-Mobile's official denial of any breach, the samples are regarded as compelling evidence that the breach is legitimate.
The company is currently denying the existence of a breach and attributing the irregularities to system issues.
In June 2024, the breach transpired. Since that time, it is purported that a significant amount of T-Mobile's data has been compromised and is currently available for purchase.
The precise date on which IntelBroker posted the sale offer is not specified; however, it is believed to be recent.
Proof of breach posted on BreachForums:
Financial benefit appears to be the driving force behind the breach. The purchase of the data is being accepted by IntelBroker in the form of cryptocurrency, particularly Monero (XMR).
The user has invited potential buyers to specify their price, which suggests a flexible and opportunistic approach to monetizing the stolen data. Instead, the precise price is not fixed.
Dark Web Informer, a Twitter user who monitors activities within the dark web and cybercrime forums, made the discovery of this alarming post.