- Hacker posts new thread on a dark web forum, claiming to have stolen millions of records from T-Mobile
- The records included names, email addresses, phone numbers, and other PII
- However T-Mobile says the archive has nothing to do with the company or its customers
Hackers have recently shared a new database they claim contains sensitive customer information stolen from the American telecommunications giant, T-Mobile. However, the company denied any connection to the archive, saying it had nothing to do with it, or its clients.
A Cybernews report claims the unnamed cybercriminals leaked a database containing fresh intel (obtained as early as June 1, 2025).
The database contained 64 million lines, holding valuable customer information such as full names, dates of birth, tax IDs, postal addresses, phone numbers, email addresses, device IDs, cookie IDs, and IP addresses.
False claims
This kind of data is extremely valuable to cybercriminals, who can use it to create specially crafted, personalized phishing emails, tricking the victims into sharing login credentials, banking info, and other vital data. These attacks can result in identity theft, wire fraud, and ransomware attacks.
Responding to a Cybernews inquiry, T-Mobile said the data had nothing to do with it: “Any reports of a T-Mobile data breach are inaccurate. We have reviewed the sample data provided and can confirm the data does not relate to T-Mobile or our customers,” the company’s representative told the publication.
The Cybernews team analyzed the data, but could not confirm its authenticity. It said that some data, such as phone numbers, appeared in earlier T-Mobile links, but said it was impossible to verify the archive with 100% accuracy. We also don’t know if 64 million lines means 64 million people.
“If this data is legitimate, exposing 64M lines of highly sensitive information poses a serious threat of identity theft/fraud, surveillance, and further, better-targeted attacks on customers,” the team said.
This is not the first time T-Mobile denied having been breached. Roughly a year ago, an infamous threat actor known as IntelBroker claimed to have broken into T-Mobile and stolen Source code, SQL files, Images, Terraform data, t-mobile.com certifications, and Siloprograms. T-Mobile denied the claims.
