T-Mobile data breach exposed the personal info of more than 47 million people.

T-Mobile has confirmed that millions of current and former customers had their information stolen in a data breach, following reports of a hack over the weekend.


As part of its ongoing Data Breach Investigation, T-Mobile has confirmed the enormity of the stolen information.


Roughly 47.8 million current and former or prospective customers have been affected by the cyberattack on its systems, the carrier confirmed on Wednesday. Of that number, about 7.8 million are current T-Mobile postpaid accounts and the rest are prior or potential users who had applied for credit, the company added in a Press Release.


The company also said that 40 million records of former and prospective customers was taken, but that “no phone numbers, account numbers, PINs, passwords, or financial information were compromised.”


"In its last earnings report (PDF), T-Mobile said it had over 104 million customers."

But the company warned that approximately 850,000 active T-Mobile customer names, phone numbers and account PINs were in fact compromised, and that customer names, phone numbers and account PINs were exposed.


T-Mobile said it has reset those customer PINs. T-Mobile said it was “recommending all postpaid customers” to proactively change their account PIN, which protects their accounts from SIM-swapping attacks.


T-Mobile

The data in the stolen files contained critical personal information included first and last names, dates of birth, Social Security numbers, and driver’s license / ID numbers — the kind of information you could use to set up an account in someone else’s name or hijack an existing one.


"T-MOBILE FOUND OUT ABOUT THE BREACH BASED ON A FORUM POST"

That isn’t the end of it, either, as over 850,000 prepaid T-Mobile customers were also victims of the breach, and for them, the exposed data includes “names, phone numbers, and account PINs.


The notice includes boilerplate language that “We take our customers’ protection very seriously,” but it rings especially hollow from T-Mobile considering that this is at least the fourth data breach exposed in the last few years, including one in January. According to the company’s statement, its investigation began based on a report of someone claiming in an online forum that they had compromised T-Mobile’s servers.


A Twitter account advertising stolen data for sale claimed the attack affected all 100 million customers and included IMEI / IMSI data for 36 million customers that could uniquely identify specific devices or SIM cards, but T-Mobile’s announcement does not confirm that is the case.


T-Mobile says it will publish a dedicated website with information for customers later today. It’s offering two years of free identity protection services from McAfee, recommends postpaid customers change their PIN, and mentions its Account Takeover Protection capabilities to prevent SIM-swapping attacks.


This is the fifth time that T-Mobile was hacked in recent years, following incidents as recently as January and other incidents dating back to 2018.

628 views