Cybersafetyconnections May 22, 2023 vol#118
- T-Mobile has experienced a second data breach this year, 2023.
- Details of what, when, how and information compromised are discussed below.
- Steps taken by T-Mobile to mitigate the data breach are provided.
- Summary of previous data breaches has been provided as well.
T-Mobile, my mobile cellphone carrier, has disclosed another data breach, and this time it affected the personal information of around 836 customers.
Although this might seem like a small number compared to the previous breach that impacted millions of people, the amount of data exposed is still quite extensive. This puts the affected individuals at risk of identity theft and phishing attacks, which is really concerning.
When did this happen?
According to the notification letters sent to the affected individuals on Friday, April 28, 2023, the company reported that they were able to detect unauthorized activity in March 2023, which allowed them to determine that a bad actor gained access to limited information from a small number of T-Mobile accounts between late February and March 2023.
That is about a month of the bad actors having unauthorized access to customers' data!
How was it discovered?
The data breach was discovered by T-Mobile’s security measures put in place in March 2023 to detect unauthorized activity.
Which information was compromised?
The personal information of affected customers was accessed and may include full name, contact information, account number, T-Mobile account PIN, social security number, government ID, date of birth, balance due, internal codes used to service customer accounts, and the number of lines. Fortunately, call records and personal financial account information were not exposed.
What steps were taken to mitigate the data breach?
T-Mobile responded proactively by resetting impacted customers’ account PINs and offering them two years of free credit monitoring and identity theft detection services through TransUnion myTrueIdentity.
Prior data breaches
- Second data breach disclosed in 2023
This is the second such incident T-Mobile has revealed since the start of the year, with the previous data breach disclosed on January 19, after attackers stole the personal information of 37 million customers by abusing a vulnerable Application Programming Interface (API) in November 2022.
The mobile carrier spotted the threat actors’ malicious activity on January 5 and cut off their access to its systems within 24 hours. T-Mobile described the data stolen in the January breach as “basic customer information,” including “name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features.”
Since 2018, the mobile carrier has disclosed seven other data breaches, including one that exposed the information of roughly 3% of all T-Mobile customers.
Other incidents reported by T-Mobile during the last few years include:
- In 2019, T-Mobile exposed the account information of an undisclosed number of prepaid customers.
- In March 2020, T-Mobile employees were affected by a data breach exposing their personal and financial information.
- In December 2020, threat actors accessed customer proprietary network information (phone numbers, call records).
- In February 2021, an internal T-Mobile application was accessed by unknown attackers without authorization.
- In August 2021, hackers brute-forced their way through the carrier’s network following a breach of a T-Mobile testing environment.
- In April 2022, the Lapsus$ extortion gang breached T-Mobile’s network using stolen credentials.