T-Mobile suffered another cyberattack after suffering a massive data breach in August, this time the attackers gained access to a “small number” of customer accounts, according to documents released by the T-Mo report.
According to the report, customers were victims of a SIM swap attack (which could allow someone to bypass two-factor authentication that works via SMS), personal plan information was exposed, or both.
The document states that the customer-owned network information that was displayed could have included the customers’ billing account name, phone number, account, and plan information, including the number of lines attached to them. their account, according to The Verege.
The person who obtained the credit for the breach described T-MOBILE’s security as “terrible”, and the carrier confirmed that a data breach exposed the data of nearly 50 million customers, in which the attacker had access to their social security numbers, names and dates. of birth. (The person claiming to be the hacker called the company’s security practices “horrible.”)
According to The Verege, the information leaked during the December breach is less sensitive (and documents indicate that customers whose SIM cards were swapped have regained access) and likely insignificant in scope.
We couldn’t find numerous reports from customers saying they had received push notifications, a T-Mobile support account apparently confirmed there had been a breach, and in response to people on Twitter, he was taking “immediate action” to help those who were endangered by the attack. .