T-Mobile Leaks Data of Over 40 Million Customers

On August 17, 2021 European telecom giant T-Mobile informed the public of a cyberattack on the company that resulted in the theft of data relating to over 40 million customers. The data belongs to three groups of customers termed "former, current and prospective".

The announcement comes in the wake of the threat actor who carried out the attack bragging about it on a dark web forum. The information leaked is related to nearly 8 million postpaid accounts, under a million prepaid ones and over 40 million past or prospective T-Mobile customers. The last group is comprised of people who have applied for credit with the mobile telecom company.

T-Mobile informed the public that the company has shut off the access point which was likely used by the hackers to gain illegal access to the database servers. The security and cyber forensics investigation is still in progress, but at this point in time T-Mobile believes that the bad actors were unable to access any data related to credit cards and payments or other financial information.

If the hackers bragging on the dark web forum are to be believed, they managed to infiltrate T-Mobile's network by abusing a poorly configured access point used by the company for testing. The way the access point was configured made it publicly accessible to anyone online, so the attack was not some particularly complex job that involved a complicated attack vector or long preparation.

Quoting an analyst working with security firm Forrester, ThreatPost wrote that there was an "open gate" that the hackers simply needed to feel out and find. There was no complex setup involved or a zero-day vulnerability abused in the breach.

The data stolen from T-Mobile servers is over 100GB in size, at least according to the hacker. The information stolen includes customer names, dates of birth, driver's license and ID card information as well as social security numbers.

T-Mobile is offering a two-year stretch of free identity protection services to customers and has also suggested that customers change their PINs inside their T-Mobile online account.

August 20, 2021
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.