The compromised T-Mobile customers’ data includes names, dates of birth, email addresses, billing addresses, and more.
The telecom giant T-Mobile has been hacked again. On Thursday, T-Mobile published a regulatory filing stating that a threat actor managed to access the data of millions of its current customers.
The data breach occurred in November 2022. According to T-Mobile Inc., the breach was discovered on January 5th, 2023 after which law enforcement officials were informed. The company also contacted cybersecurity consultants.
This should not come as a surprise, since T-Mobile has a history of suffering large-scale data breaches. In April 2022, Lapsus$ hackers stole and sold T-Mobile’s source code along with its system’s data. In December 2021, T-Mobile suffered a data breach that exposed its customers to SIM-SWAPPING attacks.
In August 2021, a hacker sold 200 million T-Mobile customers’ account info on the dark web. Then, in January 2021, T-Mobile announced yet another security breach in which the company exposed user call records and phone numbers. The list of T-Mobile data breaches goes on and on…
As for the latest breach, T-Mobile claims the hacker had gained access to the data by November 25th, 2022, after which the company initiated efforts to halt the malicious activity.
T-Mobile says it hired an external cybersecurity team to probe the incident, and eventually, they discovered the source of the breach one day after discovering the attack. The breach impacted 37 million of its customers, while the accessed data includes the following:
- Dates of birth
- Email addresses
- Billing addresses
- T-Mobile account numbers
- Details on service subscription.
The data that wasn’t accessed includes Social Security numbers, government ID numbers, credit card information, passwords, PINs, and financial data.
However, cybersecurity experts believe this information is relatively easy to obtain, given that hackers can use the available data to launch scams and steal the impacted customers’ identities or funds.
T-Mobile didn’t mention what it would do to address the situation. The company noted that the breach would significantly affect it financially.
According to the filing, T-Mobile has begun notifying its customers whose information has been disclosed in this breach. It stated that the investigation is still underway, but they believe the threat has been mitigated, and its systems and network weren’t hacked.
“Protecting our customers’ data remains a top priority. We will continue to make substantial investments to strengthen our cybersecurity program,” T-Mobile stated in its filing.
- Hackers Breach TPG Telecoms’ Email Host to Steal Data
- Spanish telecom MasMovil hit by Revil ransomware gang
- Onyx Fms: Monitor & Prevent Telecom Fraud In Real-time
- Croatian Police arrests minor over A1 Telecom data breach
- Australia’s 2nd-largest telecom firm suffered massive breach
- Telecom firm behind routing SMS discloses 5-year-long breach