Mobilelink USA — a retailer of Cricket Wireless — was hit by a ransomware attack by DragonForce, resulting in ~5 TB of stolen data and a public threat to leak it.

The ransomware gang claims they breached Mobilelink USA’s internal systems and exfiltrated approximately 5.04 TB of data. According to the leak notice, the breach may affect data from 550+ Cricket Wireless stores across 21 US states, potentially compromising customer and employee information. As of now, the attackers have not published sample files or proof — only the company logo and data volume are shared on the leak site.

This attack adds to a broader wave of intrusions by DragonForce, which in recent months claimed responsibility for multiple high-profile breaches across different sectors in the US and Europe.

Mobilelink USA serves thousands of mobile users — a breach of this scale may expose personal data of many individuals. If the stolen data becomes public or gets sold on the dark web, it could trigger identity theft, targeted phishing, account hijacking, or other forms of fraud.

If you were a Cricket / Mobilelink customer — watch out for suspicious emails, calls, or messages. Change your passwords, enable two-factor authentication, and monitor for unusual account activity. This breach is a stark reminder that no service provider is immune to ransomware attacks — vigilance and personal security hygiene remain essential.