T-Mobile reported on January 19, 2023 that it sustained a data breach: a bad actor extracted limited information from its customers’ accounts. Up to 37 million prepaid and postpaid accounts were affected by this T-Mobile breach, but no financial or password information was lost. The threat actor extracted only basic information like customer name, email, address, phone numbers, and subscription plan features.
This is not T-Mobile’s first breach in recent years. Since 2018, the company has been affected by 7 other security breaches that resulted in the loss of internal data. Attackers obtained customer information and T-Mobile account information each time. If you have an account with T-Mobile, make sure you take all security precautions to encrypt your network and protect your digital identity from threat actors.
Attackers Gained Access through an API
T-Mobile believes the initial breach happened on November 25, 2022, but the threat actor extracted more data on January 5th, 2023 through the same application programming interface (API) it initially used. The company said that it has notified federal agencies and has started to reach out to affected customers.
An API is a way for software to easily and automatically retrieve data from a database. This means that APIs can provide an obvious gateway for hackers to access private information. When authentication measures are not properly implemented, malicious actors can bypass API restrictions and potentially access sensitive customer data.
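The difference between an API that hands out customer records to any caller and one that authenticates, authorizes and throttles each request is sketched below. This is an added example, not T-Mobile's code; the article does not describe how the real API worked, so the function names, the token format, the sample records and the rate limit are all hypothetical.

```python
import hashlib
import hmac
import time

# Constructed sample key and records; nothing here comes from the breach.
SECRET = b"constructed-demo-key"
CUSTOMERS = {
    "1001": {"name": "A. Example", "email": "a@example.com", "plan": "prepaid"},
    "1002": {"name": "B. Example", "email": "b@example.com", "plan": "postpaid"},
}
MAX_CALLS_PER_MINUTE = 5  # hypothetical limit
_calls = {}  # caller id -> timestamps of recent successful requests


def _sign(account_id):
    return hmac.new(SECRET, account_id.encode(), hashlib.sha256).hexdigest()


def issue_token(account_id):
    """Sign the account id so the server can later verify who is calling."""
    return f"{account_id}.{_sign(account_id)}"


def lookup_weak(account_id):
    """Weak form: whoever supplies an account id gets that record back."""
    record = CUSTOMERS.get(account_id)
    return (200, record) if record else (404, None)


def lookup_hardened(token, account_id, now=None):
    """Hardened form: authenticate, authorize per record, then rate-limit."""
    now = time.time() if now is None else now
    caller, _, sig = (token or "").partition(".")
    if not hmac.compare_digest(sig.encode(), _sign(caller).encode()):
        return 401, None  # missing or forged token
    if caller != account_id:
        return 403, None  # authenticated, but not the owner of this record
    recent = [t for t in _calls.get(caller, []) if now - t < 60]
    if len(recent) >= MAX_CALLS_PER_MINUTE:
        return 429, None  # repeated retrieval is throttled
    _calls[caller] = recent + [now]
    record = CUSTOMERS.get(account_id)
    return (200, record) if record else (404, None)
```

The three rejection codes are also what a monitoring team would watch for: a burst of 401, 403 or 429 responses against a customer-data endpoint is a signal worth alerting on.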
T-Mobile tried to downplay the incident, claiming that the breached API could only provide hackers with limited information about account data such as names, email addresses, phone numbers, and billing addresses. But that is a great deal of personal information… and more than 37 million customers are affected by this cybersecurity event.
And this breach is especially concerning since T-Mobile declared, back in 2021, that it would enhance its cybersecurity capabilities.
“As we have previously disclosed, in 2021, we commenced a substantial multi-year investment working with leading external cybersecurity experts to enhance our cybersecurity capabilities and transform our approach to cybersecurity. We have made substantial progress to date, and protecting our customers’ data remains a top priority. We will continue to make substantial investments to strengthen our cybersecurity program.”
It’s unclear what T-Mobile will do next, as the carrier has only just finalized the 2021 court settlement of a cyberattack that exposed more than 70 million customers. Another class action lawsuit might be on the horizon.
8 Data Breaches in Less than 5 Years
As mentioned, this massive security breach is just one in a series of 7 other breaches that occurred since 2018. This raises questions about T-Mobile’s dedication to improving cybersecurity measures and protecting its customers’ data.
- In 2018, T-Mobile leaked 3% of its customer information to attackers that managed to extract customer names, email addresses, phone numbers, and account data.
- In 2019, a number of T-Mobile accounts were accessed by unauthorized third parties.
- In 2020, the company suffered 2 major data breaches that exposed personal, financial, and proprietary network information including phone call records.
- In 2021, an even more serious breach leaked the social security numbers and driver’s licenses of around 77 T-Mobile customers.
- And to top that off, in 2022, the Lapsus$ hacker group accessed T-Mobile internal software, which allowed them to conduct SIM swaps (reassigning phone numbers to a different device).
Current and previous T-Mobile customers should be concerned about the safety of their data and start taking security measures of their own.
How to Protect Your Data if You Were Affected by the Breach
T-Mobile stated that the latest breach didn’t affect financial data or the customer accounts themselves. However, if you’re a T-Mobile customer, you should reconsider the way you trust the carrier with your information and take the following precautions:
- Change your password. According to T-Mobile, your password hasn’t been leaked, but you should change it nevertheless. Create a strong, unique password to keep your account data safe.
- Use two-factor authentication. If a malicious actor gets your personal information and password through a data dump, they can access your account and financial data. Use 2FA to receive a temporary confirmation code for every single log-in attempt. It significantly decreases the chances of being hacked.
- Connect through a secure VPN. A lot of data leaks out through your network connection and browser. Use CyberGhost VPN on all your devices to encrypt your network, hide your real IP, and protect your digital identity from snoopers.
- Freeze your credit reports. Although this T-Mobile breach didn’t endanger your financial data, attackers can still use your personal information to try and steal your identity and use your credit. Contact the major credit companies and request your credit to be frozen. It doesn’t cost anything and it prevents anyone but you from opening new credit lines.
Keep an eye out for updates about T-Mobile’s latest data breach. The investigation might reveal new information about your account and the data that leaked.