T-Mobile alerted all those affected and reset the PIN information for the accounts that had this compromised in the attack. Some customers also had sensitive information including their social security numbers and drivers license/ID information and T-Mobile account PINs compromised. The information accessed included customers names, addresses, dates of birth, phone numbers, International Mobile Equipment Identity numbers and International Mobile Subscriber Identity numbers. Following an investigation into the attack, it was revealed that more than 76.6 million current and former customers’ information had been accessed during the breach. In August 2021, T-Mobile alerted its customers that it had been the victim of a cyber attack that had led to a data breach. This is the second large-scale data breach the company has suffered within two years, despite agreeing to invest US$150mn in its cyber security systems following the previous data breach in 2021. Both lawsuits allege that T-Mobile failed to exercise reasonable care in protect customers’ private information. Two class action lawsuits related to the breach have been filed with the US District Court for the Northern District of Florida and the US District Court for the Central District of California. T-Mobile said the reason for this was the cyber security systems and policies it has in place “prevent the most sensitive types of customer information from being accessed”. No sensitive information such as social security number, payment details or passwords were accessed in the breach. It believes the hacker has been using the API to access customer data since November 2022, however, meaning a malicious actor was able to access the data of 37 million customers.Īccording to T-Mobile, the data accessed reportedly includes “name, billing address, email, phone number, date of birth, account number and information such as the number of lines on the account and service plan features”. T-Mobile said the breach was shut down within 24 hours of detection. The company said that it believed the hacker had gained access to customer information “using a single Application Programming Interface (or API)”. The breach was first discovered by T-Mobile on January 5 after the company noticed “unusual activity” on its American networks and was then reported to the general public on January 19. T-Mobile, the Deutsche Telekom-owned mobile communications brand, has suffered a data breach that exposed the records of 37 million customers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |