Over 50 million T-Mobile customers, former customers, and those who applied for service with the wireless network operator were affected by a data breach that put their personal information at risk. Full names, dates of birth, as well as social security and driver’s license numbers, were exposed during the breach. The company reports that no financial information such as credit or debit card numbers were exposed. But let’s face it, with the information that was leaked, bad actors can cause a large amount of damage.

Details of the Breach

T-Mobile reports that almost 8 million current customer accounts were exposed. The data included the personal information discussed earlier as well as phone numbers and mobile phone identities were compromised. Those who previously held accounts with T-Mobile, as well as those who applied for service with the company also had their information compromised. This group numbers approximately 40 million. 850K T-Mobile prepaid account holders were also affected.

Potential Dangers to Customers

While any financial damages have not been reported, when hackers can swap SIM’s, they can take control of the phone. That means that everything that is usually protected by two-factor authentication is now accessible to the hacker, this includes online bank accounts.

Affected customers were sent a text message stating, “T-Mobile has determined that unauthorized access to some of your information, or others on your account, has occurred, like name, address, phone number and DOB. Importantly, we have NO information that indicates your SSN, personal financial or payment information, credit/debit card information, account numbers, or account passwords were accessed. We take the protection of our customers seriously. Learn more about practices that keep your account secure and general recommendations for protecting yourself: t-mo.co/Protect

Protecting Customers in the Future

The T-Mobile team is also reportedly conducting forensic analysis and investigating the attack and putting proactive measures in place to protect their customers. T-Mobile is also working to enhance security and collaborate with professionals to determine their long-term plans.  The company is also working to limit future damage by resetting the PINs of prepaid customers. They also employed other support including:

  • Two years for free identity protection with McAfee’s ID Theft Protection
  • Suggesting that affected customers get free scam blocking protection through Scam Shield
  • Helping customers with best practices and security tips like PIN and password resets
  • Providing a customer support webpage with additional information and links to the tools above

 

Your customers and staff provide their information and expect that it will be protected. BCC is here to help you do just that, as an IT support partner. The implementation of effective dark web monitoring will help you detect if proprietary information has been leaked or sold on the dark web. Partner with BCC and we can integrate our solutions directly into your existing infrastructure. We welcome you to contact us for a complimentary assessment. Visit our website or give us a call at 630.563.0151 today!