Tuesday, May 28, 2024

T-Mobile Hacked – Over 37 Million Customer Data Exposed

T-Mobile US, Inc. discovered that a malicious attacker was illegally accessing data through a single Application Programming Interface (“API”).

The research revealed that the threat actors accessed information for about 37 million active postpaid and prepaid customer accounts using this API, however many of these accounts did not include the complete data set.

A software interface or mechanism known as an API is frequently used by applications or computers to communicate with one another. Many online web services use APIs so that, as long as the proper authentication tokens are passed, their online apps or external partners can get internal data.

T-Mobile Hacked 37 Million Customer Data Exposed

Reports stated that no customer payment card information (PCI), social security or tax identification numbers, driver’s license or other government ID numbers, passwords or PINs, or other financial account information were accessible through the API that was misused by the bad actor, so none of this information was disclosed.

The impacted API is only able to give a small subset of customer account data, such as name, billing address, email, phone number, date of birth, T-Mobile account number, and details like the account’s line count and plan features.

“The preliminary result from our investigation indicates that the bad actor(s) obtained data from this API for approximately 37 million current postpaid and prepaid customer accounts, though many of these accounts did not include the full data set”, T-Mobile reports.

The malicious actor is suspected to have accessed the impacted API for the first time starting on or about November 25, 2022.

The firm is actively looking into the unauthorized behavior, has informed a number of federal agencies about it, and is cooperating with law enforcement at the same time.

According to applicable state and federal regulations, the firm has also started alerting customers whose information may have been accessed by the bad actor.

“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” T-Mobile.

Data from T-prepaid Mobile’s users was leaked in 2019. In March 2020, unidentified threat actors also gained access to the email accounts of T-Mobile employees.

In March 2020, unidentified threat actors also gained access to the email accounts of T-Mobile employees.

Following a compromise of the carrier’s testing environments, hackers brute-forced their way into T-network Mobile in August 2021.

Additionally, the company acknowledged in April 2022 that the Lapsus$ extortion group had accessed its network using credentials that were stolen.

Network Security Checklist – Download Free E-Book


Latest articles

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...

Hackers Exploit WordPress Plugin to Steal Credit Card Data

Hackers have exploited an obscure WordPress plugin to inject malware into websites, specifically targeting...

Google Patches Chrome Zero-Day: Type Confusion in V8 JavaScript

Google has released a patch for a zero-day exploit in its Chrome browser.The...

Hackers Created Rogue VMs in Recent MITRE’s Cyber Attack

State-sponsored hackers recently exploited vulnerabilities in MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE).They...

Hackers Weaponizing Microsoft Access Documents To Execute Malicious Program

In multiple aggressive phishing attempts, the financially motivated organization UAC-0006 heavily targeted Ukraine, utilizing...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles