[BreachExchange] More than 1 million T-Mobile customers exposed by breach

Destry Winant destry at riskbasedsecurity.com
Mon Nov 25 10:09:16 EST 2019


https://techcrunch.com/2019/11/22/more-than-1-million-t-mobile-customers-exposed-by-breach/

T-Mobile  has confirmed a data breach affecting more than a million of
its customers, whose personal data (but no financial or password data)
was exposed to a malicious actor. The company alerted the affected
customers but did not provide many details in its official account of
the hack.

The company said in its disclosure to affected users that its security
team had shut down “malicious, unauthorized access” to prepaid data
customers. The data exposed appears to have been:

The latter data is considered “customer proprietary network
information” and under telecoms regulations they are required to
notify customers if it is leaked. The implication seems to be that
they might not have done so otherwise. Of course some hacks, even
hacks of historic magnitude, go undisclosed sometimes for years.

In this case, however, it seems that T-Mobile has disclosed the hack
in a fairly prompt manner, though it provided very few details. When I
asked, a T-Mobile representative indicated that “less than 1.5
percent” of customers were affected, which of the company’s
approximately 75 million users adds up to somewhat over a million.

The company reports that “we take the security of your information
very seriously,” a canard we’ve asked companies to stop saying in
these situations.

The T-Mobile representative stated that the attack was discovered in
early November and shut down “immediately.” They did not answer other
questions I asked, such as whether it was on a public-facing or
internal website or database, how long the data was exposed and what
specifically the company had done to rectify the problem.

The data listed above is not necessarily highly damaging on its own,
but it’s the kind of data with which someone might attempt to steal
your identity or take over your account. Account hijacking is a fairly
common tactic among cyber-ne’er-do-wells these days and it helps to
have details like the target’s plan, home address and so on at one’s
fingertips.

If you’re a T-Mobile customer, it may be a good idea to change your
password there and check up on your account details.


More information about the BreachExchange mailing list