T-Mobile had a second breach in security in less than 18 months, and this time round — hackers managed to steal data such as names, birth dates, and phone numbers from 37 million customer accounts.
The hack was initially revealed on January 5, and the carrier plugged the hole with help from outside cybersecurity experts by the next day.
The telecom says there was no evidence its security systems were compromised, and the mechanism the hacker used did not reveal more sensitive data like social security numbers, government identification numbers, passwords, or payment card info.
However, the exposed information includes names, billing and email addresses, phone numbers, birth dates, T-Mobile account numbers, and information on plans and subscriptions. Now, the carrier is in the process of informing affected parties in accordance with state and federal requirements.
As noted above, this isn’t the first T-Mobile hack, with hackers managing to steal data (including SSN and driver IDs) from nearly 77 million T-Mobile accounts in August 2021. After that incident, the company was ordered to pay $350 million to settle customer claims and invest $150 million to enhance its cybersecurity practices. In this latest filing, T-Mobile revealed it “made substantial progress to date” on those upgrades, but apparently – that’s not enough.
If you’re a T-Mobile user, there is little you can do except watch out for phishing emails that could come your way now that hackers have those details. Make sure NOT to click on all the “cool offers” that come your way. And remember, if something sounds too good to be true – chances are that is indeed the case.