Millions of T-Mobile customers’, including prospective customers’ personal info compromised in major cyber attack
Note: We may earn a commission from products or services when you click on a link and make a purchase.
Mobile service provider T-Mobile issued an update about a widespread cyberattack against the company’s IT systems. The update comes one day after T-Mobile acknowledged that it has suffered yet another successful cyber attack.
This is a follow-up to claims made online that about 100 million T-Mobile customer user records had been exfiltrated from T-Mobile servers. The sensitive customer data was posted for sale online.
“Our preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile,” says the update from T-Mobile.
Shares of T-Mobile US Inc (TMUS.O) were down 2.8% yesterday in afternoon trading.
The update acknowledges that the telecom became aware of the online claims last week. T-Mobile says that the company has verified that their attackers have indeed exfiltrated customer data. The stolen records do contain sensitive customer details.
For affected current and former post-pay customers as well as prospective T-Mobile customers stolen data includes:
- Customers’ full names
- Social Security Number
News of the data breach hit the internet yesterday.
The forensic investigation is still underway. It often takes many months to understand the attack vector, what data was taken, the details of what was stolen, and who is impacted by the attack.
T-Mobile Cyberattack – What to Do Next
T-Mobile has not yet notified customers of their eligibility for identity protection services. If you fit the customer profile above, you should take immediate steps to secure your T-Mobile account, phone, and all your financial accounts.
- T-Mobile customers should change their PIN number online immediately. They can also call T-Mobile customer service.
- Change your T-Mobile account password. People often reuse the same password over-and-over again for multiple online accounts. If a hacker can get into one account, they can use your phone number, email, and password combination to break into other more critical accounts. Bank accounts, credit cards and tax returns are all at risk.
- If you cannot remember a unique and hard-to-guess password for each online account you have, then use a password manager to create and store passwords for you.
- Beware of future email phishing attacks. Cyber criminals sell your stolen personal information to other hackers. These fraudsters use your phone number an email to send fraudulent SMS text messages and scam emails. The scam emails are designed to look like official messages from T-Mobile or other common brands you may know. They use cleverly designed messages using official logos and spoofed websites to trick you. The fake websites can steal your credit cards, passwords, and money.
- Read our guide on how to spot a phishing email. Use extreme caution when opening any email or text message that contains and attachment or a link to click on.
- Use a quality antivirus app to protect your phone, laptop, and email accounts from future scam emails and harmful websites.
Current T-Mobile customers can get more information and updates here https://www.t-mobile.com/brand/data-breach-2021