Friday, December 8, 2023

T-Mobile Hacked – Over 37 Million Customer Data Exposed

T-Mobile US, Inc. discovered that a malicious attacker was illegally accessing data through a single Application Programming Interface (“API”).

The research revealed that the threat actors accessed information for about 37 million active postpaid and prepaid customer accounts using this API, however many of these accounts did not include the complete data set.

A software interface or mechanism known as an API is frequently used by applications or computers to communicate with one another. Many online web services use APIs so that, as long as the proper authentication tokens are passed, their online apps or external partners can get internal data.

T-Mobile Hacked 37 Million Customer Data Exposed

Reports stated that no customer payment card information (PCI), social security or tax identification numbers, driver’s license or other government ID numbers, passwords or PINs, or other financial account information were accessible through the API that was misused by the bad actor, so none of this information was disclosed.

The impacted API is only able to give a small subset of customer account data, such as name, billing address, email, phone number, date of birth, T-Mobile account number, and details like the account’s line count and plan features.

“The preliminary result from our investigation indicates that the bad actor(s) obtained data from this API for approximately 37 million current postpaid and prepaid customer accounts, though many of these accounts did not include the full data set”, T-Mobile reports.

The malicious actor is suspected to have accessed the impacted API for the first time starting on or about November 25, 2022.

The firm is actively looking into the unauthorized behavior, has informed a number of federal agencies about it, and is cooperating with law enforcement at the same time.

According to applicable state and federal regulations, the firm has also started alerting customers whose information may have been accessed by the bad actor.

“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” T-Mobile.

Data from T-prepaid Mobile’s users was leaked in 2019. In March 2020, unidentified threat actors also gained access to the email accounts of T-Mobile employees.

In March 2020, unidentified threat actors also gained access to the email accounts of T-Mobile employees.

Following a compromise of the carrier’s testing environments, hackers brute-forced their way into T-network Mobile in August 2021.

Additionally, the company acknowledged in April 2022 that the Lapsus$ extortion group had accessed its network using credentials that were stolen.

Network Security Checklist – Download Free E-Book


Latest articles

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

SLAM Attack Gets Root Password Hash in 30 Seconds

Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat...

Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access

The Akira ransomware group, which first appeared in March 2023, has been identified as...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles