The cell phone carrier, T-Mobile, has confirmed the rumors of a large-scale data breach. Initially, T-Mobile reassured users that no phone numbers, passwords, PINs, or financial information were compromised. They soon after retracted their statement and advised users to change critical information.
But what’s the nature of the T-Mobile breach? And should you be worried if you or someone you know uses their services?
The T-Mobile Beach: What Happened?
It’s hard to determine the exact scope of the incident as T-Mobile is still investigating the extent of the damage. As of now, the personal data of over 50 million T-Mobile users has been compromised by the attackers.
But the damage isn’t limited to active T-Mobile users. Of the 50 million users, some compromised information included data of people who only applied for T-Mobile services but never went through with it.
What makes the T-Mobile incident different is the method of attack. Most modern cyberattacks are ransomware attacks. They freeze up a company’s systems and prevent them from accessing their data, in exchange for a payment.
The T-Mobile hacker went the traditional route. As soon as the hackers bypass their target’s security system, they locate the most valuable data they could get their hands on and steal it. In this type of attack, the hackers rarely steal data that incriminate the company, but data they can sell on the dark web to other users.
Is T-Mobile to Blame?
In an official statement, T-Mobile blamed the incident on a highly sophisticated cyberattack that targeted them specifically. And it’s true that in this day and age, cyberattacks are inevitable, but that doesn’t mean companies with massive volumes of user data shouldn’t try their best to protect their customers’ privacy and security.
This is the fifth data breach T-Mobile has suffered within the past four years, but it’s by far the biggest in effect and size, which wasn't entirely unexpected. T-Mobile is one of the largest cell phone service providers in the US, serving just over 100 million US-based customers, which puts a huge target on their back.
But the frequent security incidents that compromise users' information, the scope of the latest attack, and how they dealt with it earned T-Mobile a lot of backlash from both users and various security analysts and experts.
T-Mobile only confirmed the attack in an official statement a day after multiple cybersecurity and news outlets reported on the possibility of the incidents.
They reportedly wanted to wait to confirm that user information had been stolen before speaking out. But having personal and financial information floating around on the dark web for an entire day angered a lot of people, especially T-Mobile customers.
What Type of Data Was Stolen?
The T-Mobile hacker posted the stolen data for sale on a deep web cybercrime forum for sale for six Bitcoins, or just under $300,000. The information includes T-Mobile customer’s full names, date of birth, social security numbers, phone numbers, and even their driver’s license information.
So far, it doesn’t appear that financial information, such as credit and debit card information, was included in the breach—but it’s best to freeze any payment card you might’ve used with T-Mobile until there’s more solid information available.
What Can You Do?
If you, or someone you know, was or is a T-Mobile customer, make sure your data wasn’t included in the breach. If it was, immediately change your account’s password and PIN numbers, and contact your local government officials and bank to report potential stolen financial and personal information.
As for the future, users can significantly minimize breaches and attacks are by pressuring the companies for better security and privacy. This can be done in the form of making official complaints and suggestions to T-Mobile and other service providers or by purchasing from and promoting companies that are known for prioritizing customer security and privacy.