![]() In 2015, hackers stole personal information belonging to about 15 million T-Mobile wireless customers and potential customers in the US, which they obtained from the credit reporting agency Experian. T-Mobile has previously disclosed a number of data breaches over the years, including in November 2019 and August 2018, both of which involved unauthorized access to customer information. T-Mobile, which is based in Bellevue, Washington, became one of the country’s largest cellphone service carriers, along with AT&T and Verizon, after buying rival Sprint. The company has offered its customers two years of free identity protection services to ensure the protection of their personal information.Īccording to the statement, the company is coordinating with law enforcement agencies as they continue the investigation. ![]() The Guardian has reached out to T-Mobile for further clarification on whether this is confirmed. T-Mobile on Monday said it experienced a hack that exposed account PINs and other customer data in the company's second network intrusion this year and the ninth since 2018. In Monday’s statement, the company said that they are “confident” the point of entry for the hacking has been shut down. The company, which crossed 100 million users in November, shared the results of an investigation they announced just two days earlier when they confirmed claims that their data had been “illegally accessed”. These files did not include any financial information or social security of the users. They also shared that the attack had been going on since November but was only caught January 5 by T-Mobile’s security team. Some information, which the company did not specify, was also exposed from the billing fees of inactive prepaid accounts. The T-Mobile data breach exposed limited data about customers, including real names and addresses, phone numbers, account numbers, rate plans and billing. Last week, T-Mobile disclosed that the personally identifiable information (PII) of 37 million of its past and present customers had been breached in an API attack. Other information that has been recorded stolen include customers’ first and last names, date of birth and driver’s license information belonging to current and former postpaid customers. No Metro by T-Mobile, formerly Sprint prepaid, or Boost customers had their names or pins exposed. The company said that it proactively reset all of the pins on those accounts. This data could easily have been used over the past 6 months to exploit employees or their accounts to access internal systems.T-Mobile also confirmed that approximately 850,000 active T-Mobile prepaid customer names, phone numbers and account pins were exposed. ![]() It’s easy to see how data of this kind could be used to assist attackers with SIM swap attacks, identity theft, or more. Sources suggest this refers to “customer support calls”, though it’s unclear if they are recorded calls or transcribed calls with any sensitive data censored. However, the second source does mention “Customer data” as being a part of the leak. So far, there are claims that no customer data is involved in this particular breach. T-Mobile was issued two lawsuits following the breach of its data. That attack became part of a federal class-action lawsuit. Sunday, August 22: T-Mobile faces pair of lawsuits in wake of data breach. The second source claims the data includes sales data / analytics, T-Mobile support calls with customers, employee credentials, partial SSNs, email addresses and other unspecified customer data. T-Mobile was hacked twice last year, and in 2018, about 2.5 million customers had their data exposed in a network breach. They operate third party stores nationwide, with stores from California to New York to Florida. The data was leaked via a T-Mobile third party retailer called Connectivity Source.Ĭonnectivity Source is a third party “premium retailer” of T-Mobile service. This marks just the latest in a string of incidents going back to 2018, a massive stain on a company that once championed the 'Un. The data only became available online earlier today for sale on black market sites and places like Telegram and Discord. T-Mobile agreed to a 500 million settlement in that case in July. T-Mobile on Monday said it experienced a hack that exposed account PINs and other customer data in the companys second network intrusion this year and the ninth since 2018. The data was apparently accessed back in April, a mere 1 month after the March breach. Posted by msmash on Tuesday 03:20PM from the security-woes dept.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |