Cyber Incident Victim: United States Cellular Corporation
Date: Jan 2017
Location: United States of America
Summary
In January 2017, a dark web vendor named DoubleFlag advertised a database purportedly containing personal details of 126 million U.S. Cellular customers, including names, addresses, and phone numbers, priced at $500 in Bitcoin. The seller claimed the data was current through January 2017 and previously unleaked. U.S. Cellular denied the database belonged to them after an internal investigation, stating they took the claim seriously and reported it to appropriate authorities. The company
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |

| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around January 25, 2017, a Dark Web vendor using the alias "DoubleFlag" advertised a database purportedly containing personal details of 126,761,168 U.S. citizens, allegedly stolen from U.S. Cellular, a regional wireless carrier operating in 23 states with approximately 4.9 million customers at the time. The vendor advertised the database as current through January 2017 and previously unleaked, listing it for sale at 0.5497 Bitcoin (equivalent to $500). Advertised records included first names, last names, addresses, cities, states, and cell phone numbers. The scale of the advertised dataset—126 million records—far exceeded U.S. Cellular’s customer base, suggesting either exaggeration, aggregation from multiple sources, or misattribution. Hackread.com contacted U.S. Cellular for comment via chat and email but encountered initial resistance from customer service in providing media contacts.

U.S. Cellular responded to inquiries on January 27, 2017, with spokesperson Katie Frey stating their security team conducted a "thorough investigation" and confirmed the database did not originate from their systems. The company emphasized treating potential breaches seriously, noting its security team and external partners worked swiftly to assess the claim. U.S. Cellular reported the incident to unspecified "proper authorities" but disclosed no technical specifics about detection methods, containment actions, or forensic findings. No corroborating evidence emerged to confirm a breach of U.S. Cellular’s systems, and the company acknowledged no customer data compromise. The incident’s scope, origin, and legitimacy remained unverified, with no subsequent reports of the data being actively exploited or corroborated by independent researchers.
