The operator says it is still investigating the severity of the data breach, with reports suggesting that data from more than 100 million customers could have been compromised
T-Mobile’s cybersecurity has come under scrutiny numerous times in the past few years, with serveral hacking incidents of various severity coming to light.
In 2018, a notable breach reportedly gave hackers unauthorised access to customer names, billing ZIP codes, phone numbers, email addresses, and account numbers. Four additional data breaches were recorded between this time and the end of 2020, affecting millions of T-Mobile customers, with the operator promising to increase its security protocols to keep customers’ data more secure.
However, at the start of 2021, the company confirmed that hackers had once again breached servers containing Customer Proprietary Network Information (CPNI). T-Mobile was quick to downplay the scope and severity of this threat, however, saying just 0.2% of their customers had been affected and that the breach did not impact sensitive information, such as credit card numbers.
Now, it seems that T-Mobile once again has been penetrated by malicious actors, this time on an enormous scale, with reports suggesting that the latest data breach could affect up to 100 million T-Mobile customers.
Yesterday, the company confirmed that hackers had gained “unauthorised access” to its systems, with some of its customers’ data found to be on sale at a known cybercriminal forum. The extent of the customer data jeopardised is still unclear, but could include social security numbers, phone numbers, names, physical addresses, and unique IMEI (international mobile equipment identity numbers). Customers’ drivers licences – which T-Mobile uses to verify their identity – could even have been accessed.
A forum post by the alleged hacker sought six bitcoin (around $275,000) for the return of a subset of around 30 million customers’ data, with the remaining 70 million reportedly to be sold “privately” elsewhere.
In an initial statement, T-Mobile said it was investigating the breach, saying “we are aware of claims made in an underground forum and have been actively investigating their validity”.
Since then, the operator has posted another statement, suggesting that they have found and closed the hacker’s entry point in their system.
“We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed,” said the statement.
If these claims do prove correct, this would be one of the largest data breaches in history.
In related news, Singapore’s StarHub recently found evidence of a similar data breach from 14 years ago, with data from 57,000 of its customers available on a third-party data dump site.
Want to keep up to date with the latest developments in the world of telecoms? Subscriber to receive Total Telecom’s daily newsletter here