T-Mobile

A cybercriminal has admitted to hacking businesses like Uber, Sainsbury's, and Groupon to sell customers' personal information on the dark web. The other targets included Nectar, T-Mobile, Asda, Ladbrokes, Coral, and Argos.

The data comprised all the information required to complete an online purchase and was then promoted and sold to clients through his dark website.

The firm is thought to have lost more than £200,000 due to the theft, although no financial data was collected.

West pleaded guilty to two counts of conspiring to defraud, one count of hacking a computer, four counts of possessing and supplying marijuana, two counts of having criminal property, and one crime of money laundering Bitcoins.

The leaked data is related to a security breach on a third-party vendor.

Source: https://metro.co.uk/2017/12/14/hacker-got-details-165000-people-sites-including-uber-groupon-7161418/

TPRM report: https://scoringcyber.rankiteo.com/company/t-mobile

"id": "tmo20024323",
"linkid": "t-mobile",
"type": "Data Leak",
"date": "12/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Transportation',
                        'name': 'Uber',
                        'type': 'Business'},
                       {'industry': 'Retail',
                        'name': "Sainsbury's",
                        'type': 'Business'},
                       {'industry': 'E-commerce',
                        'name': 'Groupon',
                        'type': 'Business'},
                       {'industry': 'Retail',
                        'name': 'Nectar',
                        'type': 'Business'},
                       {'industry': 'Telecommunications',
                        'name': 'T-Mobile',
                        'type': 'Business'},
                       {'industry': 'Retail',
                        'name': 'Asda',
                        'type': 'Business'},
                       {'industry': 'Gambling',
                        'name': 'Ladbrokes',
                        'type': 'Business'},
                       {'industry': 'Gambling',
                        'name': 'Coral',
                        'type': 'Business'},
                       {'industry': 'Retail',
                        'name': 'Argos',
                        'type': 'Business'}],
 'attack_vector': 'Hacking',
 'data_breach': {'type_of_data_compromised': 'Personal information required to '
                                             'complete an online purchase'},
 'description': 'A cybercriminal admitted to hacking businesses like Uber, '
                "Sainsbury's, and Groupon to sell customers' personal "
                'information on the dark web. Other targets included Nectar, '
                'T-Mobile, Asda, Ladbrokes, Coral, and Argos. The data '
                'comprised all the information required to complete an online '
                'purchase and was then promoted and sold to clients through '
                'his dark website. The firm is thought to have lost more than '
                '£200,000 due to the theft, although no financial data was '
                'collected. West pleaded guilty to multiple counts of '
                'conspiring to defraud, hacking a computer, possessing and '
                'supplying marijuana, having criminal property, and money '
                'laundering Bitcoins. The leaked data is related to a security '
                'breach on a third-party vendor.',
 'impact': {'data_compromised': "Customers' personal information",
            'financial_loss': 'More than £200,000'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
 'motivation': 'Financial Gain',
 'threat_actor': 'Cybercriminal',
 'title': 'Cybercriminal Hacks Multiple Businesses to Sell Customer Data on '
          'Dark Web',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Security breach on a third-party vendor'}