T-Mobile says data breach affects more than 40 million people

  • Thread starter Thread starter Evo
  • Start date Start date
  • Tags Tags
    Data
Click For Summary
SUMMARY

The T-Mobile data breach has compromised the sensitive information of 47.8 million current, former, and prospective customers, including Social Security numbers, dates of birth, and driver’s license details. The breach has raised concerns about the inclusion of prospective customers, who may not realize their data is at risk. The hacker group ShinyHunters is reportedly selling this data on the dark web for $1 million, with segments available for $30,000 each. T-Mobile's acquisition of Sprint has also heightened concerns regarding the security of customer data across their platforms.

PREREQUISITES
  • Understanding of cybersecurity principles and data breaches
  • Familiarity with personal data protection regulations
  • Knowledge of dark web marketplaces and hacker groups
  • Awareness of T-Mobile's customer data management practices
NEXT STEPS
  • Research the implications of data breaches on consumer privacy
  • Learn about cybersecurity measures for protecting sensitive information
  • Investigate the role of dark web marketplaces in data trafficking
  • Explore T-Mobile's data security policies and their impact on customer trust
USEFUL FOR

Individuals concerned about data privacy, cybersecurity professionals, telecom industry analysts, and T-Mobile customers seeking to understand the implications of the breach.

Evo
Staff Emeritus
Messages
24,032
Reaction score
3,276
Security Alert
Millions of T-Mobile customers’ information reportedly exposed in cybersecurity incident.
Oh great!

What is happening?
Sensitive data of 47.8 million current, former, or prospective T-Mobile customers is reportedly for sale online. This information includes Social Security numbers, dates of birth, customer names, and driver’s license details.
https://www.cnn.com/2021/08/18/tech/t-mobile-data-breach/index.html
 
Reply
  • Wow
Likes   Reactions: Doc Al and Astronuc
Physics news on Phys.org
A report on Gizmodo - A Notorious Hacker Gang Claims to Be Selling Data on 70 Million AT&T Subscribers
https://gizmodo.com/a-notorious-hacker-gang-claims-to-be-selling-data-on-70-1847527860

AT&T has denied the allegations/claims.

A prolific hacker gang claims to be selling data on 70 million AT&T customers, the likes of which would appear to include names, phone numbers, social security numbers, DOBs, home addresses, and more.

On Thursday, RestorePrivacy broke the news that ShinyHunters, a well-known threat actor, was advertising the apparent database on RaidForums, a popular dark web marketplace. The cybercriminals are asking for $1 million for the entire database, and are selling segments of the data for $30k apiece.

The telecom has denied that the data is legitimate.

Let's see where this goes.
 
T-Mobile is at 53 million., It also includes former and "prospective" customers. The "prospective" concerns me, as it suggests that people who do not think this applies to them because they are not T-Mobile customers may be wrong.
 
Reply
  • Wow
Likes   Reactions: Astronuc
Vanadium 50 said:
T-Mobile is at 53 million., It also includes former and "prospective" customers. The "prospective" concerns me, as it suggests that people who do not think this applies to them because they are not T-Mobile customers may be wrong.
“Prospective” customers likely refers to the people that did not pass credit checks and were not able to become customers or for some reason pulled out/did not sign contracts after the checks were done. Which makes sense, as they would not only have that information on past and present customers, but also the people that did not become customers after the information was processed. “Prospective” is being used in a tactful manner here and implies the company is hoping some situation changing and them becoming customers one day. I doubt that it’s including anyone else outside of that.

Prospective customers might include:
-Anyone that attempted to open a contract but was rejected on account of a poor credit score (Prospective, credit scores improve- subject to change)
-Anyone that attempted to open a contract but their identify was unverifiable or flagged as fraudulent (Prospective, they may find identification or smooth out identity issues- subject to change)
-Anyone that went through the identity and credit check and for some reason decided last minute not to continue with a service/left their cart without completing the process (Prospective, they might come back to us- subject to change)
-Anyone who had an account opened fraudulently in their name and did not become customers/Account was flagged (Prospective, we are a big company and this actual person might become a customer- subject to change)

I would wager that many of T-mobiles prepaid customers had initially attempted to get a contract and they should be included.

T-Mobile recently bought out the service that I use, Sprint. I was alarmed and just checked. I found that other companies that T-Mobile owns isn’t included in the list. It looks like the data was pulled directly from whatever system they use for identity and credit checks, which would be less complex than the system they use for customer accounts. Probably some simple third party system that various companies use for identity and credit checks- easily hacked. Essentially, anyone that clicked the process button after filling out the identity and check form on the T-mobile site or processed in store should be worried.

All of these data leaks are driving me crazy.
 

Similar threads

News Bush Honest & Trustworthy Until How Many Lies?
  • · Replies 65 ·
3
Replies
65
Views
11K