T-Mobile Suffers its Second Security Breach within Six Months

Richard M. May 8, 2023 5 minute read

T-mobile US suffered its second data breach between late February and early March, affecting 836 customers. Prior to this incident, T-Mobile had discovered the first data breach on January 5th, 2023, making 37 million customers vulnerable to fraud and identity theft.

T-Mobile US suffered its second data breach on February 24, which continued until March 30. According to a report posted to the Maine attorney general’s office, approximately 836 customers were impacted by the breach before T-Mobile discovered it on March 28 and revealed it in late April. The company has not yet revealed the cause of the data breach.

A hacker accessed sensitive information, including full names, DOB, addresses, contact information, government identification numbers, social security numbers, and T-Mobile account pins from notification letters sent to impacted customers on April 28. According to T-Mobile, financial information and call logs were not accessed; however, PINs and plenty of valuable personal information were retrieved.

“The information obtained for each customer varied, but may have included full name, contact information, account number and associated phone numbers, T-Mobile account PIN, social security number, government ID, date of birth, balance due, internal codes that T-Mobile uses to service customer accounts (for example, rate plan and feature codes), and the number of lines,” the “Un-carrier” explained in its letter.

Prior to this, T-Mobile’s first data breach of 2023 occurred between November 2022 and January 2023. This breach affected 37 million customer accounts and was discovered on January 05, 2023. This is the eighth data breach that has occurred since 2018.

Unfortunately, T-Mobile has become accustomed to data breaches and has been involved in nine massive data breaches, resulting in tens of millions of customer records being compromised. In 2018, the company reported its first breach, which affected the theft of 2 million records and hashed passwords. One year later, officials revealed more than a million customer records were compromised. Further breaches occurred in March and December of 2020, followed in 2021 by posting 48 million customer records to the dark web.

Following the recent breach, T-Mobile has reset the PINs of all affected customers’ accounts. A statement from the company assured that all affected customers would also receive free credit monitoring for 2 years.

T-Mobile, in the letter to its impacted holder, stated, “While we have a number of safeguards in place to alert us to unauthorised access such as this from happening, we recognise that we must continue to make improvements to stay ahead of bad actors,” they added, “We take these issues seriously. We apologise that this happened and are furthering efforts to enhance the security of your information.”

Moreover, affected customers were advised to take additional precautions to safeguard their accounts. They reviewed their account information for unauthorised changes as part of this process. They updated their account PINs, monitored their activity regularly, and utilised any available features to enhance account security.

Ryan McConechy, CTO of Barriers Network, said, “This latest cyberattack against T-Mobile may be smaller than previous breaches, but it doesn’t make it less concerning,” he added, “The fact that the attackers were able to operate on the T-Mobile network undetected for a month, stealing sensitive customer information without anyone’s knowledge is very concerning. Since victims were unaware their data had been compromised, they would not have been on guard for phishing scams or been monitoring their accounts for fraudulent transactions, so attackers would likely have been able to exploit the stolen data during this time, completely under the radar.”