In a massive data breach we first learned about earlier this week, T-Mobile is continuing to discover the extent of the damage that’s rising beyond 50 million accounts. In an update today, the uncarrier says it has found an additional 5.3 million current postpaid customer accounts had their name, address, date of birth, or other personal information compromised.
T-Mobile previously shared that 47.8 million records were taken including customers and those who even just applied for coverage with the carrier but never went through with it.
- T-Mobile hack confirmed, carrier says 47.8M records taken; not just customers
- Hacker selling ‘full data from 100M T-Mobile customers’ – carrier statement [U]
This morning, T-Mobile has shared its latest discoveries as it continues its investigation. That includes 5.3 million more current postpaid customer accounts that were compromised:
We previously reported information from approximately 7.8 million current T-Mobile postpaid customer accounts that included first and last names, date of birth, SSN, and driver’s license/ID information was compromised. We have now also determined that phone numbers, as well as IMEI and IMSI information, the typical identifier numbers associated with a mobile phone, were also compromised. Additionally, we have since identified another 5.3 million current postpaid customer accounts that had one or more associated customer names, addresses, date of births, phone numbers, IMEIs and IMSIs illegally accessed. These additional accounts did not have any SSNs or driver’s license/ID information compromised.
In addition to the 40 million “former or prospective T-Mobile customers” the company says another 667,000 of those have been found to be compromised.
We also previously reported that data files with information from about 40 million former or prospective T-Mobile customers, including first and last names, date of birth, SSN, and driver’s license/ID information, were compromised. We have since identified an additional 667,000 accounts of former T- Mobile customers that were accessed with customer names, phone numbers, addresses and dates of birth compromised. These additional accounts did not have any SSNs or driver’s license/ID information compromised.
Clarifying more on those breaches, the uncarrier says:
Separately, we have also identified further stolen data files including phone numbers, IMEI, and IMSI numbers. That data included no personally identifiable information.
We continue to have no indication that the data contained in any of the stolen files included any customer financial information, credit card information, debit or other payment information.
As for the work ahead, T-Mobile shared today that:
We are continuing to take action to protect everyone at risk from this cyberattack, including those additional persons we recently identified. We have sent communications to millions of customers and other affected individuals and are providing support in various ways.
That includes:
- Offering two years of free identity protection services with McAfee’s ID Theft Protection Service to any person who believes they may be affected
- Recommending that all eligible T-Mobile customers sign up for free scam-blocking protection through Scam Shield
- Supporting customers with additional best practices and practical security steps like resetting PINs and passwords
- Publishing a customer support webpage that includes information and access to these tools at https://www.t-mobile.com/brand/data-breach-2021
Notably, AT&T is also dealing with an alleged breach of up to 70 million customer accounts.
FTC: We use income earning auto affiliate links. More.
Comments