BOSTON (Reuters) - T-Mobile USA, the No. 4 U.S. mobile carrier, said it was investigating a claim that somebody hacked into its computers, stealing reams of confidential data.
A T-Mobile document, which contained information that appeared to identify servers from T-Mobile USA’s network, surfaced Saturday on Insecure.org, a website devoted to computer security issues.
It was accompanied by a note from an unknown person offering to sell large quantities of confidential data from T-Mobile to the highest bidder.
T-Mobile USA, the U.S. mobile arm of Germany’s Deutsche Telekom (DTEGn.DE), issued a statement on Tuesday saying that so far its investigation has not unearthed any evidence that customer information was stolen.
“If there is any evidence that customer or system information has been compromised, we would inform those affected as quickly as possible,” T-Mobile said in the statement.
T-Mobile said the data posted on the website on Saturday appeared to have been copied from its computer systems.
“We’ve identified the document from which information was copied, and believe possession of this alone is not enough to cause harm to our customers,” T-Mobile said.
The apparent attack underscores the damage that data breaches can cause businesses. U.S. President Barack Obama, whose own presidential campaign computers were hacked, recently said such attacks are so widespread that they have cost more than $8 billion in damages over the past two years in the United States.
The posting offered to sell databases, financial documents, other confidential information and computer programs from T-Mobile’s servers.
“We already contacted with their competitors (sic) and they didn’t show interest in buying their data — probably because the mails got to the wrong people — so now we are offering them for the highest bidder,” it said.
T-Mobile officials declined to discuss the progress of the investigation.
“We continue to investigate the matter, and have taken additional precautionary measures to further ensure our customers’ information and our systems are protected,” T-Mobile said in its statement.
Reuters attempted to contact the person who posted the information using the email address listed on the website. It was returned as undeliverable.
T-Mobile USA’s computer systems were broken into four years ago by hackers who gained access to data on hundreds of customer accounts. The company cooperated with federal authorities to catch the hackers.
Rick Wesson, chief executive of network security firm Support Intelligence, said companies are frequently hacked, though it is unusual for criminals to go public offering such large quantities of data.
“I don’t think I’ve seen anybody try to extort to that level,” he said.
Reporting by Jim Finkle; Editing by Derek Caney, Richard Chang