Last week, T-Mobile allowed hackers to steal information from more than 53 million of their customers. They learned of the attack after an anonymous individual claimed to have breached their systems and was trying to sell stolen customer data in an online forum. Of the 53 million records stolen, 7.8 million were current paid customers, and the additional 46 million were former and prospective customers who applied for plans. The information stolen included first and last names, birth dates, Social Security numbers, and driver’s license information.
Hackers did not deploy a ransomware attack and lock up the T-Mobile systems. Instead, the cyber criminals broke into the company’s servers through an open access point, stole data, and attempted to sell the information online for between $80,000 and $270,000 worth of bitcoin.
The stolen information can be used to hack into users wireless accounts and other accounts with repeated information. Additionally, it can be used in a SIM-swapping hack in which the hacker can convince a phone carrier they are someone else to have the compromised individual’s phone number switched to their control. This allows hackers to bypass multi-factor authentication settings on other accounts like financial institutions, email, or social media accounts.
T-Mobile has responded to the attack in a recent blog post where they outline what customers need to know and how to protect themselves. They confirmed what information was accessed, but indicated that no personal financial or payment information, credit or debit card information, account numbers, or account passwords were accessed.
Also, in the blog, T-Mobile outlined steps customers can take to further protect themselves.
- Sign up for McAfee ID Theft Protection free for two years provided by T-Mobile.
- Activate Scam Shield to protect against scam IDs and robot calls.
- Use free Account Takeover Protection to protect against users fraudulently porting out and stealing users’ phone numbers.
The investigation is ongoing, and we will continue to update you with the latest news.