Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

T-Mobile denies it was hacked, despite hacker claiming to have leaked company data

Renovated Headquarters.

Popular data leaker IntelBroker is selling a database allegedly belonging to the telecommunications giant T-Mobile, but the company has denied this is the case.

In a new post published on a dark web forum, IntelBroker said they were selling “Source code, SQL files, Images, Terraform data, t-mobile.com certifications, Siloprograms.” 

They said the breach happened in June 2024, and shared screenshots showing access with admin privileges to a Confluence server, as well as screenshots depicting the company’s Slack channels for developers.

Old screenshots

We don’t know how big the database is, or how much money the threat actor is asking for. However, T-Mobile claims its infrastructure is intact, and is currently investigating the matter further.

"T-Mobile systems have not been compromised. We are actively investigating a claim of an issue at a third-party service provider," T-Mobile shared in a statement to BleepingComputer. "We have no indication that T-Mobile customer data or source code was included and can confirm that the bad actor's claim that T-Mobile's infrastructure was accessed is false."

A source told the publication that the screenshots are old, and were posted to a third-party vendor’s server. The name of the third party is known, but given the risk of other threat actors targeting it, will remain hidden for now.

IntelBroker has made quite a name for themselves, posting data belonging to many high-profile organizations on the dark web. Recently, the same threat actor offered AMD’s files for sale: "In June 2024, AMD, a large computing company suffered a data breach. Compromised data: Future AMD products, Spec sheets, employee databases, customer databases, property files, ROMs, source code, firmware and finances," the threat actor said in the post.

Other organizations hit by the same attacker include HPE, General Electric, Home Depot, Facebook Marketplace, and many others. 

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.