Recently T-Mobile confirmed nearly 48 million current, former, and prospective customers were compromised in a massive data breach. While only confirmed a couple days ago, the investigation into the breach began last week, when T-Mobile learned of claims made in an online forum stating an attacker had compromised its systems.
After confirming the breach, T-Mobile then shared its preliminary analysis results, which stated approximately 7.8 million current T-Mobile postpaid customer accounts' information appears to be in the stolen files, in addition to just over 40 million records of former or prospective customers who had applied for credit with T-Mobile.
The data stolen in the breach included customers' first and last names, birthdate, Social Security number, and driver's license/ID information for a subset of current and former postpay customers as well as prospective T-Mobile customers. However, so far there is no indication that the data in stolen files included customers' financial data, credit or debit card information, or other payment data, as T-Mobile also reported no phone numbers, account numbers, PINs, or passwords were compromised in affected files related to current postpaid customers or former or prospective customers.
Given the company's recent history with data breaches, some experts say T-Mobile should have been able to detect the rogue activity inside its network before learning about the attack from an online forum. While the company has not yet confirmed how the attack happened, the person who claims responsibility for the attack says T-Mobile misconfigured a gateway GPRS support node that seems to have been used for testing. The node was exposed to the Internet, which allowed the attacker to pivot to the LAN.
This incident marks the fifth time in four years that T-Mobile has been breached and had it’s data hacked. Starting in 2018, while merging with Sprint, T-Mobile was breached with hackers obtaining customer names, billing zip codes, phone numbers, email addresses, account numbers, and account type. During the breach. Roughly three percent of the company’s 77 million users at the time were affected, meaning the hackers gained access to information pertaining to about two million people.
This incident was followed up just a little over a year later, as the T-Mobile was breached once again in November of 2019. The breach, while smaller than in 2018, once again exposed customer data such as names, billing addresses, phone numbers, account numbers, rate plans, and plan features.
Then in 2020, amidst the chaos caused by the Covid-19 pandemic, T-Mobile was breached not once, but twice over the course of eight months, between March and December of last year. These breaches were once again smaller than the 2018 incident, with only about 200,000 customer’s data being exposed in the December breach. However, both breaches, much like their predecessors, exposed sensitive data, such as phone numbers, number of lines subscribed to and in a small number of cases some call-related information collected as part of normal operation and service.
In terms of the newest breach, T-Mobile says it has located and closed the access point it believes was used to gain access to its servers and is offering two years of free identity protection services for those affected, consumer trust in the company’s security measures is sure to be waning. And while the latest breach was certainly the most damaging in terms of the number of accounts exposed, from an individual standpoint, all the breaches raise red flags for both current and future T-Mobile customers.
The exposure of information such as name and birthdate puts people at higher risk for identity theft, and while many businesses have reduced their dependence on Social Security numbers, they are still core to a person's digital identity. The release of billing addresses, many of which may be home addresses not publicly listed, is also a major danger to those who live there, especially high-profile people and others whose privacy may already be at risk.
Unfortunately, while it's become common for businesses to be breached multiple times, such a consecutive series of breaches over a somewhat short period of time will likely weaken customer trust and put pressure on T-Mobile to seriously improve it’s cybersecurity measures. Cyberattacks are increasing in both volume and sophistication as we push into a new digital age, meaning T-Mobile will surely have a difficult task in front of them.
On top of this, while it's clear T-Mobile has a lot of work to do to not only address numerous gaps in its security program, they also have to work on restoring customer confidence in their brand. Considering the number of breaches it has disclosed in recent years, security-conscious customers will now have to strongly consider whether T-Mobile is worthy of their trust and their business.
NextPlane's Affordable Microsoft Teams PSTN Calling Solution for UCaaS and Service Providers
The popular app Snapchat is now offering a new friend, of sorts: My AI. Powered by ChatGPT, the bot is already integrated for select users to experime…
Dialpad is further expanding its Tech for Black Founders program and partnership with Sacramento Kings' point guard Davion Mitchell to promote Black-o…
IDEA Showcase 2023 at ITEXPO in Ft. Lauderdale, Florida, gave entrepreneurs a chance to present pitches to a panel of judges.
The GSA said the IRS and other government agencies will not be using facial recognition to verify access to their websites and online records. The ann…