T-Mobile Leaks Data of Over 40 Million Customers
On August 17, 2021 European telecom giant T-Mobile informed the public of a cyberattack on the company that resulted in the theft of data relating to over 40 million customers. The data belongs to three groups of customers termed "former, current and prospective".
The announcement comes in the wake of the threat actor who carried out the attack bragging about it on a dark web forum. The information leaked is related to nearly 8 million postpaid accounts, under a million prepaid ones and over 40 million past or prospective T-Mobile customers. The last group is comprised of people who have applied for credit with the mobile telecom company.
T-Mobile informed the public that the company has shut off the access point which was likely used by the hackers to gain illegal access to the database servers. The security and cyber forensics investigation is still in progress, but at this point in time T-Mobile believes that the bad actors were unable to access any data related to credit cards and payments or other financial information.
If the hackers bragging on the dark web forum are to be believed, they managed to infiltrate T-Mobile's network by abusing a poorly configured access point used by the company for testing. The way the access point was configured made it publicly accessible to anyone online, so the attack was not some particularly complex job that involved a complicated attack vector or long preparation.
Quoting an analyst working with security firm Forrester, ThreatPost wrote that there was an "open gate" that the hackers simply needed to feel out and find. There was no complex setup involved or a zero-day vulnerability abused in the breach.
The data stolen from T-Mobile servers is over 100GB in size, at least according to the hacker. The information stolen includes customer names, dates of birth, driver's license and ID card information as well as social security numbers.
T-Mobile is offering a two-year stretch of free identity protection services to customers and has also suggested that customers change their PINs inside their T-Mobile online account.