T-Mobile’s hacking revealed the personal information of more than 47 million people


T-Mobile has published additional information on that score the latest hack, and while the company’s findings are below the reported 100 million record, the figures are amazing.

Saying the investigation is still ongoing, the company confirmed that more than 40 million “former or potential customers” who applied for credit in the past and 7.8 million postpaid customers (those who currently have a contract) were stolen. In its last earnings report (PDF), T-Mobile announced that it had more than 104 million customers.

The information in the stolen files contained important personal information, including first and last names, dates of birth, social security numbers, and driver’s license / ID numbers — what information you can use to create an account in another person’s name or capture an existing one. It apparently did not include “phone numbers, account numbers, PINs, or passwords.”

Nor is it the end of this, as more than 850,000 prepaid T-Mobile customers also fell victim to the violation, and the information disclosed for them includes “names, phone numbers, and account PINs”. These customers have already changed their PIN and will be notified “immediately”. Unspecified data on inactive prepaid accounts were also available. However, T-Mobile says, “This inactive file did not contain any customer financial information, credit card information, debit or other payment information, or SSN.”

The announcement includes language that “We take the protection of our customers very seriously,” but it sounds particularly hollow to T-Mobile, as this is at least the fourth hacking revealed in recent years, including one in January. According to the company, its investigation was initiated on the basis of a report in which someone claimed in the online forum that they had compromised T-Mobile’s servers.

A Twitter account promotes stolen information for sale claimed The attack affected all 100 million customers and included IMEI / IMSI data from 36 million customers who were able to identify specific devices or SIM cards, but the T-Mobile announcement does not confirm this.

T-Mobile announces the release of a website with information for customers later today. It offers two years of free identity protection services from McAfee, recommends postpaid customers to change their PINs, and mentions account security features to prevent SIM card exchange attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *