T-Mobile hasn’t yet responded to requests for clarification regarding how many of the 7.8 million current customers may also have been affected by the credit application breach. It is not clear how many people total may be impacted by this breach. “This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised,” the advisory reads. Nevertheless, T-Mobile is urging all T-Mobile postpaid customers to proactively change their account PINs by going online into their T-Mobile account or calling customer care at 611. “Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.” “Our preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile,” the company wrote in a blog post. In a statement Tuesday evening, T-Mobile said a “highly sophisticated” attack against its network led to the breach of data on millions of customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer records went up for sale in the cybercrime underground. In its announcement, though, T-Mobile vowed to continue making "substantial, multi-year investments in strengthening cybersecurity program.T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. As The New York Times reports, the company said it has "made substantial progress to date" on those updates, but it clearly wasn't enough to prevent this incident. While the initial number of affected customers for that breach was around 30 million, it ultimately ballooned to 76.6 million customers.Īlmost a year later, the carrier agreed to pay $350 million to settle a consolidated class action lawsuit and pledged to spend $150 million to update its data security technologies. T-Mobile CEO Mike Sievert said back then that the hacker used "specialized" tools and knowledge of its infrastructure in order to gain access to its testing environment. If you'll recall, the carrier confirmed in August 2021 that tens of millions of customers had been impacted by a data breach that exposed their sensitive information, including their social security numbers and driver's licenses. According to The Wall Street Journal, the Federal Communications Commission has also opened an investigation into T-Mobile, because as a spokesperson told the publication, "this incident is the latest in a string of data breaches at the company." The carrier is still investigating the incident to get a more detailed view of what happened, but it has already warned investors that it would likely incur significant costs due to the incident. "No passwords, payment card information, social security numbers, government ID numbers or other financial account information" were stolen, the company said. T-Mobile said, however, that it didn't find evidence that its network or systems had been breached or compromised. They were also able to obtain users' account numbers and information about their plans, such as the number of lines they have. While the company was able to contain the issue 24 hours after discovering the malicious activity, the bad actors have had access to its data long enough to have stolen people's names, billing addresses, emails, phone numbers and birthdays. In a post announcing the breach, T-Mobile revealed that the hackers used an API to steal customer information. The carrier said in a regulatory filing that it discovered the issue on January 5th, but that it believes the bad actors had been taking data from the company since November 25th. T-Mobile has admitted that hackers were able to steal the information of around 37 million postpaid and prepaid customers in another major data breach.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |