The U.S. unit of T-Mobile reported of a data breach that affected only its prepaid customers. As per their statement, none of the customers financial information, social security number (SSN) and passwords were compromised.
T-Mobile’s cybersecurity team detected a malicious attack by hackers that gave them unauthorized access to some customer information. The incidence response team was up for the challenge. They shut-out the hackers from the database immediately post detection and restricted them from gaining extensive customer information. They further reported this data breach incidence to the concerned authorities and took appropriate legal approach.
However, T-Mobile said, “The data accessed was the information associated with the prepaid service accounts. Some personal information was exposed in this attack. This would have included name and billing address (if you provided one when you established your account), phone number, account number associated with the prepaid service, and information about your rate plan and features.”
Rate plan and features of voice calling service are “customer proprietary network information” (CPNI) under FCC (Federal Communications Commission) rules. This requires the service provider to officially issue a notice of any security/data breach incident to all the affected users personally and via a press release.
T-Mobile has sent a text notification to all the affected users informing them about the breach.
They are doing their best to reach out to their customers and aiding its users by all possible means. It said that, “We encourage you to confirm or update the personal identification number (PIN/passcode) on your T-Mobile account as additional protection. You can reach us by dialing 611 from your T-Mobile phone or by calling 1-800-T-MOBILE from any phone. We are happy to assist in adding special instructions for account handling as well.”
They also said, “like any other corporation, (T-Mobile) is unfortunately not immune to this type of criminal attack. Because of that, we are always working to improve security so we can stay ahead of malicious activity and protect our customers. We have a number of safeguards in place to protect your personal information from unauthorized access, use, or disclosure and shall continue to evolve so that such incidences are not repeated in future.”
In a similar data breach incidence last year, T-Mobile US, Inc had revealed a data breach that compromised around 2 million users’ personal information. What’s concerning is the fact that this data breach is identical to the current breach.