T-Mobile Says an Additional 5.3 Million Customer Accounts Were Compromised in Data Breach

by

T-Mobile earlier this week shared details on a data breach where hackers gained access to the personal information of close to 50 million current, former, and prospective customers.

tmobilelogo
At the time, T-Mobile said that data from 7.8 million current customers had been compromised, as well as information from 40 million former or potential customers. In an updated statement provided today, T-Mobile says that it has confirmed that data from another 5.3 million postpaid customers was accessed.

Information accessed from these customers included names, addresses, birth dates, phone numbers, IMEIs, and IMSIs. The prior 7.8 million customers also saw their SSN and driver's license information stolen.

T-Mobile says that on top of the previously announced 40 million former or prospective customers that were impacted, another 667,000 accounts of former customers were breached. Hackers were able to obtain names, phone numbers, addresses, and birth dates from these customers. Other former and prospective customers had their SSN and driver's license information leaked.

Hackers were also able to access data files that included phone numbers, IMEI numbers, and IMSI numbers, but that data included no personally identifiable information. T-Mobile says that it does not believe that the data in the stolen files included customer financial information, credit card information, debit, or other payment information.

There were 850,000 T-Mobile postpaid customers impacted with phone numbers and PINs exposed, and T-Mobile has reset the PINs on all of these accounts. T-Mobile now says that up to 52,000 names related to current Metro by T-Mobile accounts may also have been included, but none of the T-Mobile files stolen related to former Sprint prepaid or Boost customers.

The attack was first identified when hackers posted on a forum offering to sell data from 100 million T-Mobile customers. The data for sale included social security numbers, phone numbers, names, physical addresses, IMEI numbers, and driver's license data.

T-Mobile says that it has contacted millions of customers and is offering those impacted two years of identity protection services with McAfee's ID Theft Protection Service. The company also recommends that eligible T-Mobile customers sign up for free scam-blocking protection.

To prevent future attacks, T-Mobile says it has "worked diligently to enhance security across our platforms" and is working with experts to understand both immediate and longer-term next steps.

Tag: T-Mobile

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article132 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article483 comments
New MacBook Pros Launching Tomorrow With These 4 New Features 2

M5 MacBook Models to Use New Compact Camera Module in 2025

Wednesday July 17, 2024 2:58 am PDT by
Apple in 2025 will take on a new compact camera module (CCM) supplier for future MacBook models powered by its next-generation M5 chip, according to Apple analyst Ming-Chi Kuo. Writing in his latest investor note on unny-opticals-2025-business-momentum-to-benefit-509819818c2a">Medium, Kuo said Apple will turn to Sunny Optical for the CCM in its M5 MacBooks. The Chinese optical lens company...
Read Full Article112 comments

Top Rated Comments

jz0309 Avatar
jz0309
38 months ago
security is still not taken serious enough in corporate America ...
Score: 30 Votes (Like | Disagree)
Macaholic868 Avatar
Macaholic868
38 months ago
I work in IT. Trust me when I tell you this. You need to assume somebody somewhere has all of your information so pay for an ID theft service and don’t keep an amount of cash you couldn’t afford to lose in a checking account with a debit card you actively use. Keep it in savings and transfer only what you need in the short run or, better yet, don’t use a debit card at all for online or physical transactions. If you get fraudulent charges on a debit card that money is gone and it can take days or weeks to try and get it back. With a credit card you are not responsible and if they won’t work with you then you can dispute the charges. Don’t let them get your money. ID protection services may seem like an unnecessary monthly fee right up until you get hit and need them. Find a credit card with good cash back or rewards you want to use and then use that card for everything. Check the charges daily. It’s worth it even if it adds 10 minutes to your day and another monthly fee.
Score: 22 Votes (Like | Disagree)
velocityg4 Avatar
velocityg4
38 months ago

How this is even possible boggles my mind.
Given the number of breaches since 2018. Maybe the login for their server is.
Username: Admin
Password: Password1!

Obviously they started with password. But had to keep upping the ante with each breach.
Score: 19 Votes (Like | Disagree)
Chambers McMac Avatar
Chambers McMac
38 months ago
You’ve got to luv an ad showing for T-Mobile as I read about T-Mobile very ugly breach. Time to move on from this carrier?? Is it a sign?



Attachment Image
Score: 12 Votes (Like | Disagree)
joshwenke Avatar
joshwenke
38 months ago
Keep in mind this is the sixth T-mobile breach (that we know of) in just the last four years. This is horrible.

* In 2018, info belonging to millions of T-Mobile customers was accessed by hackers ('https://www.bleepingcomputer.com/news/security/t-mobile-detects-and-stops-ongoing-security-breach/').
* In 2019, T-Mobile exposed prepaid customers' data ('https://www.bleepingcomputer.com/news/security/t-mobile-discloses-data-breach-impacting-prepaid-customers/').
* In March 2020, hackers gained access to T-Mobile employees' email accounts ('https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposes-customer-personal-financial-info/').
* In December 2020, hackers accessed exposed customer proprietary network information (phone numbers, call records) ('https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposed-phone-numbers-call-records/').
* In February 2021, threat actors targeted up to 400 customers in SIM swap attacks after gaining access to an internal T-Mobile application ('https://www.bleepingcomputer.com/news/security/t-mobile-discloses-data-breach-after-sim-swapping-attacks/').
Score: 11 Votes (Like | Disagree)
yaxomoxay Avatar
yaxomoxay
38 months ago
How this is even possible boggles my mind.
Score: 11 Votes (Like | Disagree)
Read All Comments