Inside The TMobile Cybersecurity Breach

TMobile Cybersecurity Breach

We recently learned that a threat actor recently made statements taking responsibility for the hack on T-Mobile’s servers and databases that contain sensitive and confidential data of nearly 100 million customers. The forum user shared details of this data breach on a hacking forum, where the threat actor claimed to be selling a database for 6 Bitcoin, containing dates of birth, phone numbers, DL numbers, and Social Security numbers that belong to 30 million people.

T-Mobile confirmed on Monday, August 16 that it had been a victim of a data breach, but initially declined to say whether any of their customer’s personal information was accessed and exposed. T-Mobile also initially declined to share how widespread the damage was.

”We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed’, T-Mobile said in an early statement.” This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment, we cannot confirm the reported number of records affected or the validity of statements made by others.” The company’s acknowledgment of the data breach came after hackers made online statements that they were selling customer information.

After further investigation, officials with T-Mobile stated that customer names, Social Security numbers, and Driver’s License numbers of more than 40 million former and prospective customers that applied for credit were all exposed. The same data for nearly 7.8 million current T-Mobile postpaid customers was also compromised.

Additionally, there were phone numbers, account numbers, PIN numbers, passwords, or financial information from the nearly 50 million records and accounts that were compromised, it said. Prepaid customers were also affected by the data breach. It was revealed that  850,000 active prepaid customer names, phone numbers, and account pin numbers were exposed. T-Mobile also revealed that 667,000 accounts of past T- Mobile customers were accessed, and these accounts included customer names, phone numbers, addresses, and dates of birth.

In an updated statement released on August 20, T-Mobile stated there was “no indication that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information.” However, the information that was taken could be just as devastating as financial information.

What Is The Next Step For T-Mobile?

The gaps that were exploited were quickly closed by T-Mobile, so there are no current risks of additional data being exposed. Considering this is not the first breach to impact T-Mobile in 2021, we still expect the fallout to be critical.

As far as the former and current customers affected by this data breach, T-Mobile is reaching out to all customers who had their data exposed. T-Mobile is also providing support in several ways, including the following:

• Offering customers who think their data was exposed two years of free identity protection services with McAfee’s ID Theft Protection Service
• Recommending free scam-blocking protection through Scam Shield for any customers who are eligible
• Providing best practices and security steps like password and PIN resets

Additionally, T-Mobile advises all postpaid customers to make changes to their PIN by logging into their T-Mobile account or calling T-Mobile customer service. T-Mobile also recommends the Account Takeover Protection feature that will prevent unauthorized users from stealing phone numbers and porting it out of the T-Mobile network.

What To Do After The T-Mobile Data Breach

What should you do if you are a current or former T-Mobile user? Due to the nature of the data that was compromised, a password change may not make a significant impact because Social Security Numbers, addresses, and other sensitive information have been exposed. However, we do recommend keeping an extra close eye on your accounts and credit records for anything that raises a red flag. It is important to stay as safe as possible while you are online. We also recommend using the resources provided by T-Mobile.

This stolen data is being sold online, but if we have learned anything from the past data breaches, it is that some of the data will be posted online very soon. Scammers will take full advantage of as much information as they can to target current and former T-Mobile users with phishing scams and account takeovers.

T-Mobile customers should be careful and suspicious of future emails from T-Mobile because scammers and phishers will take advantage of the concern over this data breach to act as if they are a representative from T-Mobile. T-Mobile customers may even receive messages that include their compromised account details to dupe the customers into thinking the email or text message is legitimate.

Data stolen and exposed in this data breach may also be used for identity theft.  Whether customers invest in their own credit monitoring service, check their score occasionally, or use the services provided by T-Mobile, it is recommended that customers check their credit report to ensure there are no discrepancies. If someone opens accounts in someone’s name because he or she had access to confidential information, this information will appear on the credit report. Notifications can be received when a new account is opened or a credit score changes.

While credit monitoring and ID theft protection services can help victims recover if their identity has been stolen, most services will have no power to actually stop the identity theft from happening. If users want full control over who can view their credit or grant new lines of credit in their name, they may want to consider a security freeze.

Current T-Mobile customers who have not changed their account PIN may want to do that now. Whether a T-Mobile customer, AT&T customer, Verizon customer, etc., phone users may want to consider removing their phone numbers from online accounts if they can. We understand that many online services require you to provide a phone number to create an account, but sometimes you are able to remove the number from the account after it has been created.

If you want to make sure your business does not become a victim of a data breach like T-Mobile, we recommend implementing the right cybersecurity solutions to provide your business with the level of protection it needs. Contact us today to learn more about the T-Mobile data breach and how you can protect your Colorado business.