[TheRecord] T-Mobile says hack affected more than 40 million people

T-Mobile said on Tuesday that a data breach it was informed of late last week contained more than 40 million records belonging to former or prospective customers who had applied for credit with the company, as well as information on approximately 7.8 million current postpaid customer accounts.

The stolen information included first and last names, dates of birth, Social Security numbers, and driver’s license information, the company said. No phone numbers, account numbers, PINs, passwords, or financial data from these accounts appeared to be taken.

“While our investigation is still underway and we continue to learn additional details, we have now been able to confirm that the data stolen from our systems did include some personal information,” the company said in a statement. “We have no indication that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information.”

An additional 850,000 active T-Mobile prepaid customer names, phone numbers, and account PINs were also exposed in the breach. T-Mobile has proactively reset all PINs on these accounts and is in the process of notifying affected customers.

The Record reported earlier this week that the hacker posted a statement online claiming that the breach occurred by gaining access to a T-Mobile GPRS gateway that was allegedly misconfigured.

The person who claims to have compromised T-Mobile says the company misconfigured a gateway GPRS support node that was apparently used for testing. It was exposed to the internet. That allowed the person to eventually pivot to the LAN. Proof screenshot supplied. pic.twitter.com/tBMvRBmG0r

— Jeremy Kirk (@Jeremy_Kirk) August 16, 2021

T-Mobile said in its recent statement that it “located and immediately closed the access point that we believe was used to illegally gain entry to our servers,” but did not specify how the hacker was able to gain access to the company’s systems.

In its statement, T-Mobile listed guidance to affected individuals:

As a result of this finding, we are taking immediate steps to help protect all of the individuals who may be at risk from this cyberattack. Communications will be issued shortly to customers outlining that T-Mobile is:Immediately offering 2 years of free identity protection services with McAfee’s ID Theft Protection Service.Recommending all T-Mobile postpaid customers proactively change their PIN by going online into their T-Mobile account or calling our Customer Care team by dialing 611 on your phone. This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised.Offering an extra step to protect your mobile account with our Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.Publishing a unique web page later on Wednesday for one stop information and solutions to help customers take steps to further protect themselves. 

The post T-Mobile says hack affected more than 40 million people appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SANS ISC] ISC Stormcast For Monday, May 17th, 2021 https://isc.sans.edu/podcastdetail.html?id=7502, (Mon, May 17th)

All posts, Sans-ISC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Source: Read More (SANS Internet Storm Center, InfoCON: green)

Read More

[SecurityWeek] Third-Party Identity Risk Provider SecZetta Raises $20.5 Million

All posts, Security Week

Third-party identity risk solutions provider SecZetta this week announced that it has raised $20.5 million in Series B funding, which brings the total raised by the company to $30.5 million. The new investment round was led by SYN Ventures and new investor MassMutual Ventures. Existing investors ClearSky and Rally Ventures also contributed. read more Source: […]

Read More

Daily NCSC-FI news followup 2021-05-06

Syväteknologiaa kehittävä Unikie kyberturvallisuusjärjestö FISCin jäseneksi: “Kaiken internet (IoE) ilman salattua tietoliikennettä on vastuuton” www.epressi.com/tiedotteet/ohjelmistoteollisuus/syvateknologiaa-kehittava-unikie-kyberturvallisuusjarjesto-fiscin-jaseneksi-kaiken-internet-ioe-ilman-salattua-tietoliikennetta-on-vastuuton.html tsuNAME – New DNS bug allows attackers to DDoS authoritative DNS servers www.bleepingcomputer.com/news/security/new-tsuname-dns-bug-allows-attackers-to-ddos-authoritative-dns-servers/ “What makes TsuNAME particularly dangerous is that it can be exploited to carry out DDoS attacks against critical DNS infrastructure like large TLDs or ccTLDs, potentially affecting […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.