T-Mobile Announces a Data Breach

Mobile network provider T-Mobile has announced that they have suffered a data breach, which is the second they’ve had this year.

T-Mobile Data Breach

T-Mobile has been hit with their second data breach of 2023 which has been revealed following the company learning that attackers have had access to customer information for over a month. According to the information shared by bleepingcomputer.com, this incident has only affected 836 customers as opposed to the 37 million affected by the last one. T-Mobile claims that the measures they put in place following the previous breach had worked as designed which is bizarre as I don’t think it worked if the attackers had access to the information for over a month.

What Information Was Stolen?

The attackers didn’t gain access to call records or personal financial account info but they did gain identifiable personal information which is “more than enough data for identity theft”. The information exposed varied per customer but could’ve included “full name, contact information, account number, phone numbers, T-Mobile account PIN, social security number, government ID, date of birth, balance due, internal codes that T-Mobile uses to service customer accounts (for example, rate plan and feature codes), and the number of lines.” Following the breach, T-Mobile claimed to reset the account pins of affected customers.

This may have only affected a small number of customers but it apparently took them a month to notice which is far from good enough.