T-Mobile Confirms Data Breach and SIM Swapping Attacks

After an undisclosed number of subscribers were reportedly hit by malicious SIM swapping attacks, American telecommunications company T-Mobile has announced a data breach.

Source

The telecom giant revealed in a security breach notice sent to affected consumers on February 9^th, 2021 that an anonymous attacker gained access to customer account details, including contact information, personal ID numbers, account numbers, social security numbers, account security questions, and answers, birth dates, plan information, and the number of lines subscribed to their accounts. Since the attackers were able to port numbers, it is not clear whether or not they have been able to access employees’ accounts by use of the affected account users.

An unknown actor gained access to certain account information. It appears the actor may then have used this information to port your line to a different carrier without your authorization. T-Mobile identified this activity, terminated the unauthorized access, and implemented measures to protect against reoccurrence.

For security reasons, T-Mobile advised the targeted customers to change their passwords, PINs, and their security questions and answers. Additionally, the company offers two years of free credit monitoring and identity theft detection services to the impacted customers in the incident.

Your perimeter network is vulnerable to sophisticated attacks.

Heimdal® Threat Prevention - Network

Is the next-generation network protection and response solution that will keep your systems safe.

• No need to deploy it on your endpoints;
• Protects any entry point into the organization, including BYODs;
• Stops even hidden threats using AI and your network traffic log;
• Complete DNS, HTTP and HTTPs protection, HIPS and HIDS;

Try it for FREE today 30-day Free Trial. Offer valid only for companies.

Past Data Breaches

This is not the first time that the American telecom giant has been the subject of a security breach. In 2020, an attack against the company’s email vendor led to unauthorized access to certain T-Mobile employee email accounts, which included account information of customers and employees.

In November 2019, T-Mobile revealed in a data breach notification that the account information of an undisclosed number of customers using the company’s prepaid services was accessed by an unauthorized third-party.

And before that, back in 2018, a data breach prejudiced the personal information of no less than two million T-Mobile users. The compromised data included names, email addresses, account numbers, and other billing information of its customers.

For the moment, there’s no clear information on how many T-Mobile customers might be affected. And we don’t know for sure whether the compromised accounts were the result of a mass data breach (as happened the last year) or, instead, a series of individual account takeovers that might be the result of weak or reused passwords.

Since T-Mobile is no stranger to such data breaches, especially in the past three years alone, the company should consider stepping up its security game as soon as possible. Given the increasing rate of hacking incidents, either they are suffering from consistent advanced persistent threats or there is something easily exploited that is being overlooked.