T-Mobile Discloses Second Data Breach of 2023 Affecting Hundreds of Customers

by | May 2, 2023 | News

T-Mobile second data breach of 2023

Post Views: 327

Premium Content

Patreon
Subscribe to Patreon to watch this episode.
Reading Time: 3 Minutes

Hackers Target T-Mobile Again: Second Data Breach in 2023

T-Mobile, one of the largest mobile carriers in the United States, recently disclosed its second data breach of 2023. According to the company, hackers gained access to the personal information of 836 customers for more than a month, starting in late February. Although this is a relatively small number of customers compared to previous data breaches reported by T-Mobile, the amount of exposed information is highly extensive and could lead to identity theft and phishing attacks.

The exposed personally identifiable information included customers’ full names, contact information, account numbers, associated phone numbers, T-Mobile account PINs, social security numbers, government IDs, dates of birth, balance due, internal codes that T-Mobile uses to service customer accounts, and the number of lines. While the threat actors did not gain access to call records or customers’ personal financial account information, the exposed data is more than enough for identity theft.

T-Mobile reset account PINs for impacted customers and is offering two years of free credit monitoring and identity theft detection services through Transunion myTrueIdentity. The company is taking measures to address the breach and ensure that such incidents do not occur in the future.

See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses

This is the second such incident T-Mobile has revealed since the start of the year. The previous data breach, which impacted 37 million people, was disclosed on January 19 after attackers stole customers’ personal information by abusing a vulnerable Application Programming Interface (API) in November 2022.

Trending: Exploit XSS Injections in a one-line powerful Technique

Trending: Offensive Security Tool: Go365

T-Mobile’s History of Data Breaches

T-Mobile has a history of data breaches, including one that exposed the information of roughly 3% of all T-Mobile customers in 2018.

  • In 2019, the account information of an undisclosed number of prepaid customers was exposed.
  • In March 2020, T-Mobile employees were affected by a data breach exposing their personal and financial information.
  • In December 2020, threat actors accessed customer proprietary network information (phone numbers, call records).
  • In February 2021, an internal T-Mobile application was accessed by unknown attackers without authorization.
  • In August 2021, hackers brute-forced their way through the carrier’s network following a breach of a T-Mobile testing environment.
  • Finally, in April 2022, the Lapsus$ extortion gang breached T-Mobile’s network using stolen credentials.

Trending: Cisco Discloses Zero-Day XSS Vulnerability in Prime Collaboration Deployment Software

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This