T-Mobile USA was affected by a security breach late last night. Company’s cyber-security specialists discovered and shut down the unauthorized access immediately.
They found out that a hacker was exfiltrating personal data such as customer names, billing ZIP codes, phone numbers, email addresses, account numbers, and account types (prepaid or postpaid).
The good news is that the hackers did not gain access to passwords, social security numbers, or any financial information.
All impacted customers, less than 3%, will receive an SMS, letter in the mail, or a phone call to notify them.
Remember everything can be hacked. In order to stay away from any threats related to the crypto world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Don’t get fooled, 3% may seem a small number but not in the chase of T-Mobile; The company reported 75.62 million customers at the end of Q2 2018. That would put the breach at around 3.9 million customers, which is still a considerable number.
Even if the hackers did not get their hands on any financial data or passwords, the breach makes it easier for the attacker to port (SIM swap) numbers, which represent a big cybersecurity flaw.
After the breach, T-Mobile stated: “We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access. We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you.”
We would continue to monitor this cyber attack. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.