T-Mobile Breach Report
High-profile data breaches are commonplace these days. Over the past year, we've hardly gone a week without hearing of a new cyber-attack on another megacorporation.
Most recently, the telecommunication giant, T-Mobile, made the news. In mid-August, hackers gained access to the sensitive information of over 50 million individuals. The affected group includes current, former, and prospective T-Mobile customers.
The Hacked Information
The stolen information includes various forms of customers' personal information. The personal data, in this case, includes addresses, birth dates, license and ID, PINs, IMEI, and social security numbers. The breach did not expose payment data. Payment data would include financial information such as debit or credit card numbers.
What it Means For The Victims
Much of the information the cyber hacker stole in the breach could have been found individually on various public record sites. However, the combination of the information put together on one database is where the unique problem lies, and here is why.
As most of us are likely aware, SMS phishing is a text messaging scheme. Scammers try to trick consumers into providing their private information. When scammers combine these forms of identifiable information, such as an individual's address and phone number, it can make their text messages more believable. This only increases the likelihood of them pulling off the scheme on other innocent individuals.
When scammers have the data needed to falsely identify themselves as the fraud victim, it can become a big problem. This means that a hacker could utilize two-factor authentication or one-time passwords that link to other accounts in order to gain access using the identity fraud victim's phone number. This could result in something called a SIM swap attack, which occurs when hackers access a person's phone and then lock them out to access various essential accounts. They have been a significant breach issue over the past several years.
The Discovery of Data Breach and Hacker
Motherboard, an online magazine, was the first to report the massive breach at T-Mobile, on August 15th, 2021. The original post stated that a person on the dark web claimed that he stole the data from the corporation's servers. Although in the admission, the hacker did not explicitly name T-Mobile, it was quickly determined that this was the company involved. The cyber hacker also said he planned to sell the information he collected for around $280,000.
John Binns, a 21-year-old cyber hacker in Turkey, took full responsibility for the hack. Binns spoke with The Wall Street Journal regarding the cyber-attack but did not say whether he worked alone or not. In the interview, he also told them additional details on how he did it and simultaneously blamed T-Mobile's inadequate security.
Binns told the interviewer he'd scanned T-Mobile's systems for vulnerabilities for some time before gaining access through an exposed router. He was quoted as saying that their security was "awful."
At the time of T-Mobile’s response, CEO Mike Sievert said that the investigation into the cyber-attack and breach was almost complete. Although the criminal investigation is still ongoing. He apologized for the breach, saying disappointment and frustration over the attack is an understatement as to how they feel. He repeatedly clarified the customers remain T-Mobile's top priority.
Sievert also said that T-Mobile is now working with Mandiant, a cybersecurity firm, and KPMG, a consultancy firm. They are investigating the breach and strengthening cyber defenses. After a thorough investigation, they're confident they found the entry point of the attack and have corrected the issue.
In Sievert's statement, he said the company has reached out to every current customer affected by the cyber-attack, although they are still working to contact the previous and prospective customers. Those customers who are not believed to be involved or at risk will now see a banner on their T-Mobile account login page.
T-Mobile is also offering the following to all customers affected by the security breach:
- Access to Two free years of identity theft protection from McAfee
- Usage of T-Mobile's scam-blocking protection through Scam Shield
- Ability to use Account Takeover Protection service for postpaid customers
- Suggestions on practical security steps to take, such as resetting passwords and PINS
Some of the cell phone company's customers filed a legal action with the civil court for damages. The class-action lawsuit states that the cyberattack violated their privacy rights. Exposing them to a greater risk of identity theft and fraud.
What many don’t know is that this breach isn't a first for the company. These attacks are becoming more commonplace for corporations. But, T-Mobile, even as one of the country’s largest cellphone carriers, is finding it challenging to explain their five cyberattacks since 2018. This month’s information breach is currently under investigation by the Federal Communications Commission.
Unfortunate New Normal
Analysts expressed that data breaches are an unfortunate part of technology and the world we live in today. Changing carriers after the recent T-Mobile data breach won't necessarily make a difference for customers. Among other reasons, the sudden shift of so many to remote work because of COVID-19 has left many businesses more vulnerable.
Things To Do to Protect Yourself After a Cyber-Attack
In this case, and others, consumers can take steps after a cyber-attack to protect their credit. Take T-Mobile up on their security-related offers. Use the free identity protection, advanced spam blocking, and account takeover protection services. You should also enroll with a credit tracking and monitoring service, which will track your credit report for any recent activity. You can also use a password manager tool to store confidential passwords and change your passwords and pin numbers on every account. Finally, fraud monitoring services are an excellent tool for protecting your accounts. These services are monitoring for suspicious activity.
Overall, a data breach is a harsh reality of the digital age we live in. With every intuitive feature of a product or service, our data is being utilized in more ways than we often recognize. Legislation can only go so far to encourage responsible data privacy and security practices. Ultimately, it is up to individuals organizations to take data security seriously and ensure readiness in the event of a data breach.