4

T-Mobile suffers 8th data breach in less than 5 years

 1 year ago
source link: https://www.csoonline.com/article/3686053/t-mobile-suffers-8th-data-breach-in-less-than-5-years.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

T-Mobile suffers 8th data breach in less than 5 years

Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed in the breach.

By Apurva Venkat

Principal Correspondent,

CSO | Jan 20, 2023 2:11 am PST

p1200572

Magdalena Petrova

Telecom player T-Mobile US has suffered a cybersecurity incident that resulted in the exposure of personal details of 37 million users, the company reported in a filing to the US Securities and Exchange Commission on Thursday. 

Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed, the company revealed. 

However, T-Mobile in a statement insisted that customer payment card information (PCI), social security numbers/tax IDs, driver’s license or other government ID numbers, passwords/PINs or other financial account information were not exposed, it . 

Data obtained through a single API 

T-Mobile said it found that a bad actor had obtained data through a single Application Programming Interface (API) without authorization on January 5. However, the company said the bad actor first retrieved data through the impacted API starting on or around November 25, 2022. 

There was an investigation conducted by external cybersecurity experts and within a day of identifying the malicious activity, the source was traced, and the activity was stopped. 

“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” T-Mobile said. 

The company said it has notified certain federal agencies about the incident and is concurrently working with law enforcement. “Additionally, we have begun notifying customers whose information may have been obtained by the bad actor in accordance with applicable state and federal requirements,” it said. 

T-Mobile said it may incur significant expenses in connection with this incident. However, it is still unable to predict the full impact of the incident on customer behavior in the future, “including whether a change in our customers’ behavior could negatively impact our results of operations on an ongoing basis, we presently do not expect that it will have a material effect on the company’s operations.” 

In 2021, the telco commenced a substantial multi-year investment working with leading external cybersecurity experts to enhance its cybersecurity capabilities and transform its approach to cybersecurity. “We have made substantial progress to date and protecting our customers’ data remains a top priority. We will continue to make substantial investments to strengthen our cybersecurity program,” T-Mobile added. 

Not the first security breach at T-Mobile

This is not the first major cybersecurity incident on T-Mobile. T-Mobile has suffered 7 more large breaches since 2018. In August 2018, the company said that 3% of its customer data was leaked. An attacker was exfiltrating personal data such as customer names, billing ZIP codes, phone numbers, email addresses, account numbers, and account types (prepaid or postpaid).
In 2019, November, the company disclosed that the account information of an undisclosed number of prepaid customers was accessed by an unauthorized third-party. In March 2020, T-Mobile announced a data breach caused by an email vendor being hacked that exposed the personal and financial information of some of its customers. In the same year in December, the company suffered another breach that exposed customers’ proprietary network information (CPNI), including phone numbers and call records.

T-Mobile again disclosed a data breach after an unknown number of customers were affected by SIM swap attacks in February 2021.The telecommunications giant had warned that information including names, dates of birth, US Social Security numbers (SSNs), and driver’s license/ID of some 77 million individuals comprising current, former, or prospective customers had been exposed via a data breach in August 2021. 

However, its ordeal didn’t end with this. In another incident in April, 2022, Lapsus$, a hacker group, was able to gain access to the company’s internal tools, which gave them the chance to carry out SIM swaps.

Eventually, in July, 2022, T-Mobile was forced to pay $350 million to customers affected by the August 2021 breach, as a part of a settlement, and agreed to invest $150 million to upgrade its cybersecurity through 2023.


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK