Tuesday, June 18, 2024

T-Mobile Hacked – Attackers Accessed Over 37M Sensitive Data

T-Mobile recently confirmed another hack, the second this year and ninth since 2018, revealing customer data and account PINs.

While T-Mobile confirmed a recent system detection that revealed a threat actor had accessed a small number of accounts, which compromised limited information.

836 customers were affected by the intrusion, which commenced on February 24 and continued till March 30.

Once T-Mobile discovered the breach on March 27, they reset customers’ account PINs to swap SIM cards and authorize critical account changes.

Types of Data Involve

Here below, we have mentioned the types of data involve:-

  • Full name
  • Contact information
  • Account number
  • Associated phone numbers
  • T-Mobile account PIN
  • Social security number
  • Government ID
  • Date of birth
  • Balance due
  • Email addresses
  • Internal codes
  • Billing addresses

What Happened?

T-Mobile’s security measures worked as intended in March 2023, alerting them to unauthorized activity.

During late February through March 2023, a threat actor gained access to restricted data from a few T-Mobile accounts, as revealed by their security system.

This year’s second T-Mobile hack is the ninth security breach since 2018, and in January, the misuse of T-Mobile’s application programming enabled threat actors to access 37 million customers’ data.

What Is T-Mobile Doing?

Despite having several safeguards to prevent unauthorized access, T-Mobile acknowledges the need to enhance its security measures continually. 

They take such incidents seriously, apologize for the breach, and are working towards improving the security of customers’ information.

T-Mobile reset their customers’ T-Mobile Account PIN to safeguard their accounts. Additionally, they provide free identity theft detection services and credit monitoring for two years through Transunion’s myTrueIdentity.

Moreover, T-Mobile conducts a thorough investigation to understand unauthorized activity and improve its safeguards to prevent such incidents from happening again.

Recommendation

Here below, we have mentioned all the recommendations offered by T-Mobile:-

  • Review your account information as soon as possible to ensure everything is correct.
  • Make sure to update your PIN with an updated one, and if you need help updating your PIN, call 18009378997 or go to T-Mobile.com or log into T-Mobile.com.
  • Monitoring the activity on the account is an important part of staying vigilant.
  • Take advantage of your free credit reports by monitoring them regularly.
  • Don’t forget to review your security settings for your email, financial account, and other accounts regularly.
  • Use T-Mobile’s security features like Account Takeover Protection, number transfer PINs, two-step verification, free scam protection with Scam Shield, SIM Protection, a security dashboard, and more.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Website

Latest articles

Singapore Police Arrested Two Individuals Involved in Hacking Android Devices

The Singapore Police Force (SPF) has arrested two men, aged 26 and 47, for...

CISA Conducts First-Ever Tabletop Exercise Focused on AI Cyber Incident Response

On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) made history by...

Europol Taken Down 13 Websites Linked to Terrorist Operations

Europol and law enforcement agencies from ten countries have taken down 13 websites linked...

New ARM ‘TIKTAG’ Attack Impacts Google Chrome, Linux Systems

Memory corruption lets attackers hijack control flow, execute code, elevate privileges, and leak data.ARM's...

Operation Celestial Force Employing Android And Windows Malware To Attack Indian Users

A Pakistani threat actor group, Cosmic Leopard, has been conducting a multi-year cyber espionage...

Hunt3r Kill3rs Group claims they Infiltrated Schneider Electric Systems in Germany

The notorious cybercriminal group Hunt3r Kill3rs has claimed responsibility for infiltrating Schneider Electric's systems...

Hackers Employing New Techniques To Attack Docker API

Attackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles