T-Mobile Suffered Data Breach

July 18, 2023

T-Mobile has suffered its second major data breach in two years. It believes a “bad actor” used an API to access personal information from 37 million current postpaid and prepaid customers, both postpaid and prepaid.

T-Mobile first discovered the hacker on January 5 and promptly shut him down a day later. While T-Mobile doesn’t know who committed the breach or what information was stolen, it notes that none of the data contained passwords, PINs, bank account or credit card info, Social Security numbers or other government IDs.

Personal Information Leaked

T-Mobile revealed on Thursday a data breach affecting 37 million accounts. This breach was caused by hackers accessing an application programming interface (API) used for customer account management, giving them names, billing addresses, email addresses, phone numbers, dates of birth and T-Mobile account numbers for those affected, according to T-Mobile’s regulatory filing.

T-Mobile notified affected customers on January 5 and was able to stop malicious activity within one day of notification. Despite its efforts, the API failed to release other personal information like credit card numbers or Social Security numbers.

T-Mobile informed investors of its investigation and had notified law enforcement agencies. Additionally, it has been working with a cybersecurity firm to determine how the hacker gained access to its systems and what they did with the data.

T-Mobile recently suffered its second major data breach in two years, raising serious concerns. Analysts are concerned that T-Mobile isn’t doing enough to protect customer data.

Though the company has made progress in that area, it still lags behind competitors when it comes to protecting customer data. Since 2018, eight cybersecurity incidents have taken place – including the SIM-swapping attack of 2022 – leaving it with a reputation for inadequacy.

In August 2021, T-Mobile revealed their network had been breached by Lapsus$ extortion group. Nearly 77 million customers’ personal information including names, addresses, phone numbers and International Mobile Equipment Identity (IMEI) numbers was exposed.

T-Mobile reported that the breach only exposed a small fraction of their customer data. Furthermore, they stated that attackers only obtained access to “basic personal and account information.”

It’s likely that these personal details were sold on the dark web for use in identity theft. Scammers could potentially use them to make purchases online, open new lines of credit in your name, obtain loans and other types of financial services.

T-Mobile is offering two years of free identity protection services with McAfee’s ID Theft Protection Service to any affected customer who requests it. Furthermore, T-Mobile will reimburse affected customers for unauthorized charges and fees incurred as a result of the theft.

Social Security Numbers Leaked

T-Mobile Breach Affects 37 Million Accounts

On Tuesday, wireless giant T-Mobile revealed a data breach that compromised 37 million customer accounts. The attacker used one of T-Mobile’s Application Programming Interfaces (APIs) to access customer information that had been stored since November 25.

T-Mobile reported that the hackers gained access to customer account numbers, billing addresses, email addresses, phone numbers and dates of birth. They did note that these hackers only accessed customer account numbers and plan features but did not possess passwords or payment info.

Even though this information wasn’t the most sensitive, it can still be beneficial to identity thieves. They could use it to open accounts in your name without authorization and create new lines of credit in your name without you knowing about it.

If you believe your information may have been exposed in the T-Mobile Breach, reach out to your bank, credit card issuer or other financial institution and ask them to monitor any new accounts opened in your name. Furthermore, you can place a free fraud alert or credit freeze on your file to make it harder for thieves to use stolen data.

From the T-Mobile Breach, some information was leaked. This includes IMEI numbers – long strings of digits that uniquely identify each phone – as well as how well-worn your device was. Furthermore, hackers likely logged into your device in order to learn more about your habits and possibly start scams before you know about them.

Although many may not be alarmed by this latest data breach or other recent ID theft incidents, criminals remain on the loose. There are various types of fraud schemes out there, and they’re becoming more sophisticated every day.

That is why it is always essential to change your password and PIN on your account, particularly if you’ve noticed any strange activities or received emails or text messages that don’t belong to you. Furthermore, signing up for two years of credit monitoring services can keep an eye on things and report suspicious activity if it occurs.

Phone Numbers Leaked

T-Mobile Prepaid customers’ names, phone numbers and PINs were recently leaked by a hacker. To prevent further breaches of customer information, the company reset all passwords associated with affected accounts and has provided two years of protection against unauthorized access to customer data.

T-Mobile has suffered four data breach since August 2018, leading to the exposure of 76 million accounts in 2021. As part of a class action settlement this June, they agreed to pay $350 million and invest $150 million into cyber security initiatives between 2022 and 2023.

Vice and Motherboard recently reported on a T-Mobile breach that involved an improperly configured API that exposed basic client information such as names and addresses. Although T-Mobile insisted no credit card details or social security numbers had been compromised, this data proved valuable to hackers and could be utilized in various attacks such as phishing, smishing or vishing attempts, according to Erich Kron from KnowBe4, CEO of KnowBe4.

In addition to the names and phone numbers of T-Mobile prepaid customers, the data also included IMEI (international mobile equipment identity) records for millions of devices. IMEIs are unique codes assigned to each phone that allow it to be identified globally.

These IMEIs are essential components of T-Mobile’s network that enables wireless devices to access its service. Furthermore, these IMEIs verify a customer’s identity when setting up a new account.

T-Mobile has been actively combatting scammers who use SIM swapping techniques, which give them control of a user’s phone and account. A cybercrook may also trick victims into switching their SIM to another carrier’s SIM, leading to the bank account being depleted and personal data being stolen.

T-Mobile prepaid users Veronica Burgos and Ivanka Dalangin both suffered these types of attacks, losing their money. When they called T-Mobile to report their problems, the prepaid company quickly shut down the hackers’ account and informed them of the breach. Furthermore, T-Mobile assured affected customers that any money paid for products or services would be refunded.

Credit Card Information Leaked

T-Mobile recently suffered its second major data breach in two years, impacting 37 million accounts. This time, a threat actor exploited an API which allowed them to steal personal information from customers.

The company is currently cooperating with law enforcement, seeking external cyber experts and notifying customers and stakeholders of their activities. It expects to identify who the bad actors are and what they did.

T-Mobile revealed that hackers exploited an issue in one of its application programming interfaces (APIs) to obtain personal data, including names, billing addresses, emails, phone numbers, dates of birth and account information. While T-Mobile did not disclose how the API was accessed, threat actors often find vulnerabilities in such software which allow them to gain access to internal data without authenticating first.

Credit card information, if stolen, could lead to identity theft. Thieves could use it to open new accounts in the victim’s name and purchase products or services through online retailers.

Experts predict the amount of sensitive information collected from the T-Mobile breach will make it easier for hackers to commit scams and other crimes. It also gives them access to SIM swapping – when a consumer’s phone number is transferred over to another device without their control over their account – making it more challenging to detect fraudulent activity.

Mark Stamford, CEO of security firm OccamSec, highlighted the potential damage that scammers can do with this data. “At scale,” he told Wired, “this attack is unlike anything else I’ve encountered in my career.”

He noted that this issue is far more significant than the T-Mobile breach, making it essential to have adequate resources to safeguard yourself. Customers’ personal information could be used for malicious software downloads or phishing scams, or it could even be used to fraudulently open new accounts in someone else’s name in order to siphon off funds.

Although it’s too soon to determine how many credit cards were affected by this breach, the company has made progress in patching up security flaws that allowed hackers to in. They’re also allowing consumers to change their passwords and PINs, helping prevent further unauthorized access.

Ammar Fakhruddin

ABOUT AUTHOR

Ammar brings in 18 years of experience in strategic solutions and product development in Public Sector, Oil & Gas and Healthcare organizations. He loves solving complex real world business and data problems by bringing in leading-edge solutions that are cost effective, improve customer and employee experience. At Propelex he focuses on helping businesses achieve digital excellence using Smart Data & Cybersecurity solutions.


Data Security Through Data Literacy

Data Security Through Data Literacy

Unlocking data security through data literacy. Explore the pivotal role of understanding data in fortifying cybersecurity measures. Data is now pervasive, and it is important for people to understand how to work with this information. They need to be able to interpret...

Trojan Rigged Tor Browser Bundle Drops Malware

Trojan Rigged Tor Browser Bundle Drops Malware

Trojan Rigged Tor Browser Bundle drops malware. Stay vigilant against cybersecurity threats, and secure your online anonymity with caution. Threat actors have been using Trojanized installers for the Tor browser to distribute clipboard-injector malware that siphons...

Siri Privacy Risks: Unveiling the Dangers

Siri Privacy Risks: Unveiling the Dangers

Unveiling Siri privacy risks: Understand the potential dangers and take steps to enhance your digital assistant's security. Siri is a great piece of technology, but it can also be dangerous to users’ privacy. This is a serious issue that should be addressed....

Recent Case Studies

Press Releases

News & Events

Solutions

Managed Security Services
Security & Privacy Risk Assessment
Cloud Platform Security
Incident Response & Business Continuity

Penetration Testing

Virtual CISO

Email Security & Phishing

Resources

Blog

About Us