After repeated sufferings form data breaches as in 2018 that exposed customers’ information, 2019 for prepaid customers, and in March 2020 that exposed customer and financial data, T-Mobile has announced a new data breach exposing customers’ proprietary network information (CPNI), including phone numbers and call records.
(CPNI) as defined by the Federal Communication Commission (FCC) rules was accessed, revealing phone number, number of lines on an account and, in some cases, call related information collected as a part of the normal operation of your wireless service.
T-Mobiles stated that the data breach did not expose account holders’ names, physical addresses, email addresses, financial data, credit card information, social security numbers, tax IDs, passwords or PINs.
As soon as the breach was discovered by T-Mobile security team, a cybersecurity firm was brought to investigate and alerting texts were sent to customers about the security incident that exposed their account’s information. Those who received the text alert should be on the lookout for suspicious texts claiming to be from T-Mobile asking for information or containing links to non-T-Mobile web pages.
Although this breach had affected a small number of customers (less than 0.2%) as T-Mobile has announced, this equates to around 200.000 people, regarding that T-Mobile has approximately 100 million customers.
It is not uncommon for threat actors to use stolen information for further targeted phishing/smishing campaigns that attempt to steal sensitive information such as login names and passwords.