T-Mobile may say they’re improving when it comes to preventing data leaks, but the technology isn’t perfect yet. The mobile network operator announced it had discovered yet another intrusion, but unlike previous incidents that affected millions of people, the hackers this time stole data from about 1,000 users. It seems to be just that.
In a letter sent to affected customers, the company said it discovered the compromise of its systems in March 2023.
“The measures we have in place to warn of unauthorized activity worked as designed, and from late February through March 2023, malicious actors were limited to a small number of T-Mobile accounts. We were able to determine that we had access to the information,” the letter said. read.
hundreds of victims
In total, 836 customers obtained sensitive data. The company said the type of data stolen varies from customer to customer, but generally includes the customer’s name, contact information, account number and associated phone number, T-Mobile account PIN, social security number, Government ID, date of birth, outstanding balance, and internal code used by T-Mobile for customer account services.
This is still a lot of information that can be sold for profit on the black market and used for identity theft. (opens in new tab) campaign.
To combat this threat, T-Mobile reset affected customers’ account PINs and provided free credit monitoring and identity theft detection services through Transunion myTrueIdentity.
beep computer A company spokesperson declined to comment for more details.
This is the second T-Mobile data breach this year, following the January attack. At the time, attackers exploited a vulnerable API to exfiltrate sensitive data about 37 million customers. The breach he occurred in November 2022, was discovered on January 5th and was remedied within 24 hours.
Via: BleepingComputer (opens in new tab)