T-Mobile confirms data stolen includes personal information

Tech giant T-Mobile has confirmed that millions of customers have had their data breached during a cyberattack

T-Mobile has confirmed that millions of customers have had their data stolen during a hack. Data from 7.8m postpaid, 850,000 prepaid, and records from 40m former and prospective customers were breached.

The stolen information included customers’ full names, dates of birth, social security numbers, and IDs such as driver’s licenses, the Bellevue, Washington-based company said in a statement today (Wednesday 18th). The hack doesn’t appear to have included credit card details or other financial information, it said.
 

When did the hack happen?


Late last week the company was informed of claims made in an online forum that a bad actor had compromised T-Mobile systems. They immediately began an exhaustive investigation into these claims and brought in world-leading cybersecurity experts to help with the assessment.

The alleged hacker told Motherboard that the data belonged to “T-Mobile USA” customers and contains everything from names, social security numbers, and phone numbers, to home addresses and driver license information. The news site said it was able to confirm the accuracy of the stolen data after reviewing a sample.

The perpetrator is asking for 6 bitcoin — currently worth about $285,000, just for a portion of the data, which would consist of 30 million social security numbers and driver's licenses.

 

Taking precautionary measures

 

As a result of this hack, T-Mobile is taking steps to help protect all of the individuals who may be at risk from this cyberattack.

  • Immediately offering 2 years of free identity protection services with McAfee’s ID Theft Protection Service.
  • Recommending all T-Mobile postpaid customers proactively change their PIN by going online into their T-Mobile account or calling our Customer Care team by dialing 611 on your phone. This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised.
  • Offering an extra step to protect your mobile account with our Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.
  • Publishing a unique web page for one stop information and solutions to help customers take steps to further protect themselves. 

This is not the first data breach T-Mobile has experienced. In January, T-Mobile had a data breach that saw cybercriminals steal about 200,000 call records and other subscriber data. Last year, T-Mobile had two incidents,  there was a breach on its email systems that saw hackers access some T-Mobile employee email accounts and access customer data; and a breach of a million prepaid customers’ personal and billing information months later. 

 

Share

Featured Articles

Hiddenlayer CSO Tells Why It Made an AI Security Council

Chief Security & Trust Officer at HiddenLayer Malcolm Harkins explains why the company felt the need to create an AI Security Council and its objectives

Cooperation Key Theme at Microsoft Endpoint Security Summit

The Microsoft Endpoint Security Summit brought together leaders in the cybersecurity industry to discuss strategies for securing endpoints on Windows

Why the UK is Listing Data Centres as Critical Cyber Assets

Being Western Europe's leader in number of Data Centres, the UK has decided to take steps to ensure they receive adequate protection from cyber threats

Trustwave Reveals the Financial Sector's Cyber Threats

Cyber Security

TCS and Google Cloud Join for Solution to Secure the Cloud

Technology & AI

Cybersecurity Conglomerate Reveals Threats Facing Consumers

Cyber Security