Wednesday, April 30, 2025
HomeCyber AttackT-Mobile Hacked - Attackers Accessed Over 37M Sensitive Data

T-Mobile Hacked – Attackers Accessed Over 37M Sensitive Data

Published on

SIEM as a Service

Follow Us on Google News

T-Mobile recently confirmed another hack, the second this year and ninth since 2018, revealing customer data and account PINs.

While T-Mobile confirmed a recent system detection that revealed a threat actor had accessed a small number of accounts, which compromised limited information.

836 customers were affected by the intrusion, which commenced on February 24 and continued till March 30.

- Advertisement - Google News

Once T-Mobile discovered the breach on March 27, they reset customers’ account PINs to swap SIM cards and authorize critical account changes.

Types of Data Involve

Here below, we have mentioned the types of data involve:-

  • Full name
  • Contact information
  • Account number
  • Associated phone numbers
  • T-Mobile account PIN
  • Social security number
  • Government ID
  • Date of birth
  • Balance due
  • Email addresses
  • Internal codes
  • Billing addresses

What Happened?

T-Mobile’s security measures worked as intended in March 2023, alerting them to unauthorized activity.

During late February through March 2023, a threat actor gained access to restricted data from a few T-Mobile accounts, as revealed by their security system.

This year’s second T-Mobile hack is the ninth security breach since 2018, and in January, the misuse of T-Mobile’s application programming enabled threat actors to access 37 million customers’ data.

What Is T-Mobile Doing?

Despite having several safeguards to prevent unauthorized access, T-Mobile acknowledges the need to enhance its security measures continually. 

They take such incidents seriously, apologize for the breach, and are working towards improving the security of customers’ information.

T-Mobile reset their customers’ T-Mobile Account PIN to safeguard their accounts. Additionally, they provide free identity theft detection services and credit monitoring for two years through Transunion’s myTrueIdentity.

Moreover, T-Mobile conducts a thorough investigation to understand unauthorized activity and improve its safeguards to prevent such incidents from happening again.

Recommendation

Here below, we have mentioned all the recommendations offered by T-Mobile:-

  • Review your account information as soon as possible to ensure everything is correct.
  • Make sure to update your PIN with an updated one, and if you need help updating your PIN, call 18009378997 or go to T-Mobile.com or log into T-Mobile.com.
  • Monitoring the activity on the account is an important part of staying vigilant.
  • Take advantage of your free credit reports by monitoring them regularly.
  • Don’t forget to review your security settings for your email, financial account, and other accounts regularly.
  • Use T-Mobile’s security features like Account Takeover Protection, number transfer PINs, two-step verification, free scam protection with Scam Shield, SIM Protection, a security dashboard, and more.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Trellix Launches Phishing Simulator to Help Organizations Detect and Prevent Attacks

Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing...

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...

Researchers Reveal Threat Actor TTP Patterns and DNS Abuse in Investment Scams

Cybersecurity researchers have uncovered the intricate tactics, techniques, and procedures (TTPs) employed by threat...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Trellix Launches Phishing Simulator to Help Organizations Detect and Prevent Attacks

Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing...

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...