On Wednesday, mobile telecommunications company T-mobile revealed that an investigation into a cyberattack on its systems has shown that the personal information of about 7.8 million of its current postpaid customers had been compromised by hackers. In a statement by the company, T-Mobile was oblivious to the hack until an online forum claimed that the personal information of some of its customers have been leaked, and this led to the still ongoing investigation that showed that indeed this was true.
T-Mobile said that the data of about 850,000 prepaid customers were also stolen and that the records of over 40 million previous and prospective customers were also stolen. The information of customers that had been stolen included their full names, social security numbers, dates of birth, and information relating to their driver’s license. T-Mobile, however, failed to make it known if the financial details of customers were compromised.
T-Mobile became aware of the hack late last week and assured the public on Monday that the entry point that the hackers had used to access the aforementioned data of its customers had been closed. A Monday statement said that “we have been working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed. We have determined that unauthorized access to some T-mobile data occurred, however, we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed”.
Data hacks are not a new thing and it remains a huge challenge for companies across industries such as telecommunications, finance, etc. The T-Mobile breach can hardly be ignored because of the amount of information that was stolen, and how sensitive this information is. The data breach was first reported on Sunday by Motherboard who claimed that someone on the dark web wanted to sell some of the data of T-Mobile customers for six Bitcoin.
Speaking about the occurrence, the Director of Threat Intelligence at Abnormal Security said that “this is ripe for using the phone numbers and names to send out SMS-based phishing messages that are crafted in a way that’s a little bit more believable”, emphasizing how the sensitive data of customers can be used by the potential buyer in ways that could yet be imagined.
Ibhadojemu Lucky Emmanuel is a graduate of Education and Economics from the University of Benin. He has a passion for tech and business and has been writing professionally for over a period of five years. He's written across various topics and segments and knew tech-business was it when he first stumbled on it. He has a great passion for music and arts, and wants to visit as many countries as he can someday.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
