Popular data leaker IntelBroker is selling a database that supposedly belongs to telecommunications giant T-Mobile, but the company has denied this.
In a new post published on a dark web forum, IntelBroker said they were selling “source code, SQL files, images, Terraform data, t-mobile.com certifications, Silo programs.”
They said the breach occurred in June 2024 and shared screenshots showing access with administrator privileges to a Confluence server, as well as screenshots showing the company's Slack channels for developers.
Old screenshots
We don't know how big the database is or how much money the threat actor is asking for. However, T-Mobile claims that its infrastructure is intact and is currently investigating the matter further.
“T-Mobile's systems have not been compromised. We are actively investigating a claim of an issue at a third-party service provider,” T-Mobile shared in a statement to beepcomputer. “We have no indication that T-Mobile customer data or source code was included and can confirm that the bad actor's claim that T-Mobile infrastructure was accessed is false.”
A source told the publication that the screenshots are old and were posted on a third-party provider's server. The name of the third party is known, but given the risk of other threat actors targeting it, it will remain hidden for now.
IntelBroker has made a big name for itself by publishing data belonging to many high-profile organizations on the dark web. Recently, the same threat actor put AMD files up for sale: “In June 2024, AMD, a large computing company, suffered a data breach. Data compromised: future AMD products, spec sheets, databases of employees, customer databases, proprietary files, ROMs, source code, firmware and finances,” the threat actor said in the post.
Other organizations affected by the same attacker include HPE, General Electric, Home Depot, Facebook Marketplace, and many others.
