Article
Network Security

T-Mobile confirms data stolen includes personal information

By Tilly Kenyon
August 18, 2021
undefined mins
Share
Tech giant T-Mobile has confirmed that millions of customers have had their data breached during a cyberattack

T-Mobile has confirmed that millions of customers have had their data stolen during a hack. Data from 7.8m postpaid, 850,000 prepaid, and records from 40m former and prospective customers were breached.

The stolen information included customers’ full names, dates of birth, social security numbers, and IDs such as driver’s licenses, the Bellevue, Washington-based company said in a statement today (Wednesday 18th). The hack doesn’t appear to have included credit card details or other financial information, it said.
 

When did the hack happen?


Late last week the company was informed of claims made in an online forum that a bad actor had compromised T-Mobile systems. They immediately began an exhaustive investigation into these claims and brought in world-leading cybersecurity experts to help with the assessment.

The alleged hacker told Motherboard that the data belonged to “T-Mobile USA” customers and contains everything from names, social security numbers, and phone numbers, to home addresses and driver license information. The news site said it was able to confirm the accuracy of the stolen data after reviewing a sample.

The perpetrator is asking for 6 bitcoin — currently worth about $285,000, just for a portion of the data, which would consist of 30 million social security numbers and driver's licenses.

 

Taking precautionary measures

 

As a result of this hack, T-Mobile is taking steps to help protect all of the individuals who may be at risk from this cyberattack.

  • Immediately offering 2 years of free identity protection services with McAfee’s ID Theft Protection Service.
  • Recommending all T-Mobile postpaid customers proactively change their PIN by going online into their T-Mobile account or calling our Customer Care team by dialing 611 on your phone. This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised.
  • Offering an extra step to protect your mobile account with our Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.
  • Publishing a unique web page for one stop information and solutions to help customers take steps to further protect themselves. 

This is not the first data breach T-Mobile has experienced. In January, T-Mobile had a data breach that saw cybercriminals steal about 200,000 call records and other subscriber data. Last year, T-Mobile had two incidents,  there was a breach on its email systems that saw hackers access some T-Mobile employee email accounts and access customer data; and a breach of a million prepaid customers’ personal and billing information months later. 

 

cyberattackDataBreach
Share
Latest

Digital Magazine

Read Now
Read the latest Digital Magazine today!

Featured Articles

Cisco Talos: Tracking Ransomware’s 35 Year Evolution

Martin Lee, Technical Lead for Security Research, Cisco Talos highlights how the ransomware landscape has shifted across the last 35 years

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

Cyber Security

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI