U.S. carrier T-Mobile has confirmed that it experienced a data breach, saying that “unauthorized access to some T-Mobile data occurred”. It comes after the carrier said that it was investigating a forum post online, claiming to be selling data of over 100 million people. The data is said to include social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver’s licenses information, and it’s also said to have come directly from T-Mobile’s servers.

Some samples of the data have been seen by Motherboard, and the publication confirmed that they contained accurate information on T-Mobile customers. The seller told Motherboard that they compromised multiple servers belonging to T-Mobile. A subset of data containing roughly 30 million social security numbers and driver’s licenses are being sold on the forum for a total of six bitcoin, whereas the remaining data is being sold privately. Six bitcoin amounts to roughly $280,000 at current rates.

“I think they already found out because we lost access to the backdoored servers,” the seller told Motherboard, referring to T-Mobile’s potential response to the breach. The seller said that it seemed that T-Mobile has since kicked them out of the hacked servers, but that they had already downloaded the data locally. “It’s backed up in multiple places,” they said.

T-Mobile has said in a statement that “we are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed.” The company has also pledged to “proactively communicate” with customers and stakeholders once more is understood, but that the investigation will “take some time”. T-Mobile is also not confirming the number of records affected or the validity of any statements made by others. This is a developing story and more information will likely be released in the future.