UScellular customer data allegedly up for grabs on the dark web

A treasure trove of customer data, allegedly stolen from mobile carrier UScellular, has been offered up for free on the dark web.

A dark web hacker claims to have obtained the stolen data belonging to 144 thousand UScellular mobile customers and is now offering it up for free on the popular black market leak site Breached.

The hacker, known on the site as IntelBroker, posted a download link – accompanied by the official UScellular logo, on Breached Wednesday morning.

The Cybernews research team confirmed the UScellular website was off line at some point Wednesday morning, but has since been restored.

IntelBroker UScellular1
IntelBroker, BreachForums

IntelBroker has logged nearly 500 posts since joining the community in October 2022. They also boast a solid 1900+ reputation rating among fellow hackers, according to their Breached profile.

Their profile signature reads, “I release mostly free databases. Keep me alive by donating.”

IntelBroker claims the download link will reveal a database of 144K customers belonging to UScellular, stolen by hackers just last month.

IntelBroker, BreachForums

Sensitive information contained in the database includes the customer subscriber key, subscriber ID, account key, full name and business name, account activation date, current cellular plan and price, device manufacturer and model, current balance, and whether the user is enrolled in autopay and/or has an insurance policy on their device.

Our team examined the linked datasheet and found only 114k number lines, about 40 thousand less than advertised.

Since IntelBroker also noted they were too lazy to remove duplicates from the file, the research team concluded the total number of accounts was most likely four times less than what the hacker originally claimed.

Cybernews has reached out to UScellular for confirmation of a January 2023 breach, but is still waiting for a response at this time.

It is not clear if the purported theft could be linked to a UScellular data breach from December 2021.

This is the data sample IntelBroker posted under the BreachForums heading, "U.S. Cellular Database, Leaked - Download."

UScellular breached
Sample of alleged UScellular customer database - BreachForums

IntelBroker has targeted other cellular carriers in the past, according to The CyberPress news outlet, including Verizon and AT&T.

The supposed UScellular customer leak comes on the heels of two other mobile carrier breaches announced in the past month.

On January 5, T-Mobile alerted 37 million customers that their data had been compromised after suspicious activity was found in their network systems.

This week, Google Fi discovered their customer data had also been breached in connection with the T-Mobile hack. Google Fi uses both T-Mobile and UScellular as carriers for their primary network coverage.

UScellular is the fourth largest carrier in the US.

If a January 2023 breach of UScellular is confirmed, there could be a strong possibility it is also connected to the T-Mobile incident.

More from Cybernews:

Cybercrime is world's third largest economy

EU sweep reveals evidence of consumer manipulation

Microsoft hunts threat actors over malvertising

TikTok users invited to share data as part of platform probe

GitHub breach: attackers cloned code signing certificates

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked