A few hours ago we exclusively reported on a Dark Web vendor DoubleFlag selling more than 1 Billion accounts stolen from Chinese Internet giants. Now, the same vendor is selling something that is not just unique but also highly sensitive and something the Intelligence agencies around the world would consider an excellent opportunity to get their hands on.
The vendor is selling a database containing personal and cell phone number details of 126,761,168 citizens of the United States taken from United States Cellular Corporation (U.S. Cellular), a regional carrier which owns and operates the fifth-largest wireless telecommunications network in the United States, serving 4.9 million customers in 426 markets in 23 U.S. states.
DoubleFlag claims the database is updated till January 2017 and never been leaked on the Internet before. The database according to him contains details such as first name, last name, address, city, state and phone numbers of one hundred twenty-six million seven hundred sixty-one thousand one hundred sixty-eight (126,761,168) Americans.
The price set for this database is 0.5497 Bitcoin (USD 500). This means anyone with access to this database can scan and check cell phone number details of millions of American citizens.
To confirm if U.S. Cellular has suffered a data breach we contacted the company through their website chat service where an operator simply refused to provide media contact for the company, however, we were able to find three of their media contacts and an email was sent for an official comment as to whether there was a data breach on U.S. Cellular servers and waiting for their reply.
This is not the first time when personal details of US citizens were being sold on the Internet. Last year, a hacker going by the handle of “DataDirect” was selling full access to voter registration records of the US citizens on The Trade Deal marketplace.
Update: 12:25 PM Friday, January 27, 2017, Coordinated Universal Time (UTC)
Hackread has received a reply from U.S. Cellular. According to Katie Frey ofU.S. Cellular: “After a thorough investigation into this claim, we can confirm that the database referenced in your story is not a U.S. Cellular database. We take any claim of breach of our customers’ data very seriously, and our security team and partners worked quickly to complete our investigation. In addition, we have reported this to the proper authorities.”