ALERT SUMMARY
On August 17, 2021, T-Mobile was attacked by a highly sophisticated intrusion into their mobile system. This was discovered when a hacker in an online forum stated they had successfully compromised T-Mobile. The issue was an open access point that allowed unauthorized entry to the T-Mobile servers. Although this vulnerability was close, the hacker was able to access a portion of T-Mobile customer personal data. T-Mobile is working with law enforcement on this issue as well as bringing in leading cybersecurity experts.
8 million current postpay customers and almost 41 million former/prospective customers had their personal information compromised including customer name, date of birth, SSN, driver’s license and mobile phone identity information.
Another 5 million current postpay customers had this same exposure minus any SSN or driver’s licenses.
The accounts of 850,000 prepaid customers also had their accounts compromised including their names, phone numbers and PINs.
Plus, some inactive prepaid accounts had their accounts exposed but no indication of any customer financial information was exposed like credit cards nor customer account information like passwords.
As the investigation continues, T-Mobile has taken steps to protect their customers with free identity protection services from McAfee. Plus, they took the bold step of resetting all PINs. They are sending communications out to all the affected customers and individuals.
Next Steps - For additional details and Step-By Step Instructions on how to protect and respond to this Alert, follow the link below.
Comments