T-Mobile Hacked – Attackers Accessed Over 37M Sensitive Data

T-Mobile recently confirmed another hack, the second this year and ninth since 2018, revealing customer data and account PINs.

While T-Mobile confirmed a recent system detection that revealed a threat actor had accessed a small number of accounts, which compromised limited information.

836 customers were affected by the intrusion, which commenced on February 24 and continued till March 30.

Once T-Mobile discovered the breach on March 27, they reset customers’ account PINs to swap SIM cards and authorize critical account changes.

Types of Data Involve

Here below, we have mentioned the types of data involve:-

  • Full name
  • Contact information
  • Account number
  • Associated phone numbers
  • T-Mobile account PIN
  • Social security number
  • Government ID
  • Date of birth
  • Balance due
  • Email addresses
  • Internal codes
  • Billing addresses

What Happened?

T-Mobile’s security measures worked as intended in March 2023, alerting them to unauthorized activity.

During late February through March 2023, a threat actor gained access to restricted data from a few T-Mobile accounts, as revealed by their security system.

This year’s second T-Mobile hack is the ninth security breach since 2018, and in January, the misuse of T-Mobile’s application programming enabled threat actors to access 37 million customers’ data.

What Is T-Mobile Doing?

Despite having several safeguards to prevent unauthorized access, T-Mobile acknowledges the need to enhance its security measures continually. 

They take such incidents seriously, apologize for the breach, and are working towards improving the security of customers’ information.

T-Mobile reset their customers’ T-Mobile Account PIN to safeguard their accounts. Additionally, they provide free identity theft detection services and credit monitoring for two years through Transunion’s myTrueIdentity.

Moreover, T-Mobile conducts a thorough investigation to understand unauthorized activity and improve its safeguards to prevent such incidents from happening again.

Recommendation

Here below, we have mentioned all the recommendations offered by T-Mobile:-

  • Review your account information as soon as possible to ensure everything is correct.
  • Make sure to update your PIN with an updated one, and if you need help updating your PIN, call 18009378997 or go to T-Mobile.com or log into T-Mobile.com.
  • Monitoring the activity on the account is an important part of staying vigilant.
  • Take advantage of your free credit reports by monitoring them regularly.
  • Don’t forget to review your security settings for your email, financial account, and other accounts regularly.
  • Use T-Mobile’s security features like Account Takeover Protection, number transfer PINs, two-step verification, free scam protection with Scam Shield, SIM Protection, a security dashboard, and more.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance

Secure Ideas, a premier provider of penetration testing and security consulting services, proudly announces its…

1 hour ago

New Phishing Campaign Targets Investors to Steal Login Credentials

Symantec has recently identified a sophisticated phishing campaign targeting users of Monex Securities (マネックス証券), a…

1 hour ago

UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers

In a concerning development, CERT-UA, Ukraine's Computer Emergency Response Team, has reported a series of…

2 hours ago

Hunters International Linked to Hive Ransomware in Attacks on Windows, Linux, and ESXi Systems

Hunters International, a ransomware group suspected to be a rebrand of the infamous Hive ransomware,…

2 hours ago

Qilin Operators Imitate ScreenConnect Login Page to Deploy Ransomware and Gain Admin Access

In a recent cyberattack attributed to the Qilin ransomware group, threat actors successfully compromised a…

2 hours ago

Operation HollowQuill Uses Malicious PDFs to Target Academic and Government Networks

A newly uncovered cyber-espionage campaign, dubbed Operation HollowQuill, has been identified as targeting academic, governmental,…

2 hours ago