Cyber Incident Victim: Trump Mobile
Date:
May 2026
Location:
—
Summary
Trump Mobile experienced a data leak that exposed customers' names, email addresses, mailing addresses, phone numbers, and order identifiers due to a vulnerability in a third‑party platform it uses. The leak was first highlighted by a security researcher who informed YouTuber Coffeezilla, and the company later confirmed the issue and said the vulnerability had been patched. A spokesperson said the firm is evaluating whether to notify affected customers, while the phone’s launch remains delayed and pre‑order numbers appear lower than previously reported.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Trump Mobile was first announced in June 2025, less than six months after Donald Trump began his second term as president. The brand was created by Trump’s sons Eric and Donald Trump Jr., and the phone is officially known as the T1 model. Although the device was advertised with an American flag design and a promise of U.S. manufacturing, early units shown to journalists displayed only 11 stripes and were not built in the United States. A handful of journalists received pre‑release units ahead of the delayed launch, and one reporter from 404 Media said the Trump Organization placed unauthorized charges on their account after they submitted a $100 deposit for the phone.
In May 2026, YouTuber Coffeezilla disclosed that his personal information and that of every other Trump Mobile customer had been leaked onto the open web. He said a security researcher had alerted him that, aside from his credit card number, all data he had provided to Trump Mobile—including names, email addresses, mailing addresses, phone numbers, and order identifiers—was publicly accessible. TechCrunch later reported that the leak originated from a third‑party platform contracted by Trump Mobile, a detail confirmed by the company’s spokesperson Chris Walker, though the vendor was not named publicly. Trump Mobile did not reply to emailed questions from Gizmodo regarding the incident.
Coffeezilla tweeted on Thursday that the security vulnerability exposing the customer data had been patched, thanking those who helped escalate the issue. The company’s spokesperson told TechCrunch that Trump Mobile was evaluating whether it needed to notify customers about the exposure of their personal data, noting that such notification might be morally appropriate even if not legally required. Despite the evaluation, Trump Mobile had not issued any formal customer notice at the time of the reports. The leak prompted Coffeezilla to warn potential buyers not to order from TrumpMobile.com unless they were prepared for their information to be leaked.
Since January 2025, the Trump family has accumulated billions of dollars, with the president heavily invested in cryptocurrency, launching his own phone line, and promoting watches on television while serving as head of state. Congressional Republicans, who control the legislature, have declined to hold the president accountable for profiting from the presidency. Meanwhile, the MAGA coalition has shown signs of strain; Trump’s decision to initiate a war with Iran has made him unpopular, and House Republicans canceled a scheduled vote on a war powers resolution after it appeared likely to pass, which would have limited his ability to continue the conflict.