T-Mobile: Over 40 Million Customer Records Affected in Hack

Tech giant T-Mobile has confirmed that millions of customers have had their data breached during a cyberattack

T-Mobile has confirmed that millions of customers have had their data stolen during a hack. Data from 7.8m postpaid, 850,000 prepaid, and records from 40m former and prospective customers were breached.

The stolen information included customers’ full names, dates of birth, social security numbers, and IDs such as driver’s licenses, the Bellevue, Washington-based company said in a statement today (Wednesday 18th). The hack doesn’t appear to have included credit card details or other financial information, it said.
 

When did the hack happen?

 

Late last week the company was informed of claims made in an online forum that a bad actor had compromised T-Mobile systems. They immediately began an exhaustive investigation into these claims and brought in world-leading cybersecurity experts to help with the assessment.

The alleged hacker told Motherboard that the data belonged to “T-Mobile USA” customers and contains everything from names, social security numbers, and phone numbers, to home addresses and driver license information. The news site said it was able to confirm the accuracy of the stolen data after reviewing a sample.

The perpetrator is asking for 6 bitcoin — currently worth about $285,000, just for a portion of the data, which would consist of 30 million social security numbers and driver's licenses.

 

Taking precautionary measures

 

As a result of this hack, T-Mobile is taking steps to help protect all of the individuals who may be at risk from this cyberattack.

  • Immediately offering 2 years of free identity protection services with McAfee’s ID Theft Protection Service.
  • Recommending all T-Mobile postpaid customers proactively change their PIN by going online into their T-Mobile account or calling our Customer Care team by dialing 611 on your phone. This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised.
  • Offering an extra step to protect your mobile account with our Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.
  • Publishing a unique web page for one stop information and solutions to help customers take steps to further protect themselves. 

This is not the first data breach T-Mobile has experienced. In January, T-Mobile had a data breach that saw cybercriminals steal about 200,000 call records and other subscriber data. Last year, T-Mobile had two incidents,  there was a breach on its email systems that saw hackers access some T-Mobile employee email accounts and access customer data; and a breach of a million prepaid customers’ personal and billing information months later. 

 

Share

Featured Articles

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

TECH LIVE LONDON: Begins tomorrow at 10am!

Our marquee technology event is nearly here. There's still time to claim your free ticket (worth £295). Look forward to welcoming you to the Tobacco Dock!

Executive Q&A: Marc Lueck, CISO EMEA, Zscaler

As we prepare to welcome the Zero Trust leaders to TECH LIVE LONDON this June 23-24, we take the opportunity to chat to Zscaler CISO of EMEA, Marc Lueck

TECH LIVE LONDON: Registering, networking and logistics

Digital Transformation

New speaker from Infosys announced for TECH LIVE LONDON!

Digital Transformation

New speaker from Bernadette announced for TECH LIVE LONDON!

Digital Transformation