Last week, hackers managed to breach some of T-Mobile’s internal servers claiming millions of personal data had been put online for sale.
The company had been criticised for a conflicting statement after a threat actor allegedly put up for sale the personal details of millions of T-Mobile customers on a cybercrime forum on Saturday, August 14.
The hacker’s ad referenced 30 million T-Mobile customers, but in a subsequent interview with news site Motherboard, the individual claimed the data was part of a larger package containing details for 100 million T-Mobile customers.
Further to this, the hacker then posted an online statement of its own, claiming that the breach occurred by gaining access to a T-Mobile GPRS gateway that was allegedly misconfigured.
Last week, in T-Mobile’s initial statement, they confirmed a breach but did not go into any further detail, and refrained from mentioning if customer data had been compromised whilst they validated the claims of the hacker and ran a thorough investigation.
Today, T-Mobile US has confirmed data from 850,000 prepaid customers and over 40 million records of former or prospective customers has indeed been stolen.
In a statement, T-Mobile US confirmed that the breached data includes first and last names, birth dates, Social Security numbers and driver’s license information. However, the company has also said there was no indication of financial details being compromised.
It’s the sixth security breach T-Mobile has disclosed since 2018.
The NCSC has published guidance for individuals and families who may have been affected by data breaches. People can follow their advice to reduce the impact of a breach by taking various actionable steps.
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to firstname.lastname@example.org. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).