More seriously, I remember reading this paper: http://dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/C88/31... a few years back. That only guarantees the buyer's anonymity (the seller still has to deposit money in his bank which is, of course, traceable).
And I always liked the idea of 'assasination markets.' It isn't anonymous, but still pretty neat ... If I wanted a copy of TMobile's data, I could set up a prediction market where people could bet what hour TMobile's data would show up in my mailbox. Bets would cost, say $100 (to prevent random guessing), but would pay off $1,000,000 if you 'guessed' right. When TMobile's data shows up in my mailbox, I can pay the person who 'guessed' the right time.
I wonder if competitors who were offered the pwnership tipped off tmobile? Coordinated response at the demand side is probably the best way to discourage such criminals.
Anyone buying this? I don't think a spreadsheet with a list of servers and applications constitutes compelling evidence that they have "everything." There are probably hundreds or thousands of people at T-Mobile who could get this list.
If that list is accurate, it looks like they have customer information including personal data and call records (samson), and payment information (JPayment), plus technical data and info about offers given to "save" customers w/greater than 12 mos tenure. And other stuff, too.
