T-Mobile and its subsidiary MetroPCS today disclosed a recent incident where hackers gained "unauthorized access to certain information" of its customers, which the companies have already reported to the police and shut down. The security breach occurred earlier this week on Monday, August 20, and affected two million customers (via Motherboard).

iphone x t mobile
T-Mobile promises that no financial data, credit card information, social security numbers, or passwords were compromised in the breach. However, "some of your personal information may have been exposed," the company states in the letter shared online, including one or more of the following: name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid).

A T-Mobile spokesperson says that the security breach affected "slightly less than" three percent of its 77 million customers, but did not reference a specific number. The incident reportedly happened "early in the morning" on August 20, and was perpetrated by hackers part of "an international group" that accessed T-Mobile servers through an API that "didn't contain any financial data or other very sensitive data."

The intrusion was discovered by T-Mobile's cybersecurity team the same day:

“We found it quickly and shut it down very fast,” the spokesperson said.

The spokesperson said she couldn’t give “specifics” of the attack and did not know whether the hackers were criminals or part of a government.

T-Mobile is reaching out to victims directly via text message to notify them, she said.

T-Mobile is now reaching out to notify all affected customers, and "if you don't receive a notification then that means your account was not among those impacted by this incident." The breach occurred less than a week after T-Mobile announced its new customer service initiative "Team of Experts."

Tag: T-Mobile

Top Rated Comments

gsmornot Avatar
gsmornot
74 months ago
Here’s a great idea, stop centralizing databases.

Decentralize the customer information so they have direct access.

That wau when a hacker comes around, it’s not just one or two targets with MILLIONS of person info, instead they would need to target one person at a time
Not being a physical asset this would not apply. If you can see the records from a single machine it does not matter where they are stored. It would not make sense to have multiple systems for customer data, the agents alone would take a lot of time trying to find the user. So, option two is better management of access.
Score: 3 Votes (Like | Disagree)
shareef777 Avatar
shareef777
74 months ago
Here’s a great idea, stop centralizing databases.

Decentralize the customer information so they have direct access.

That wau when a hacker comes around, it’s not just one or two targets with MILLIONS of person info, instead they would need to target one person at a time
There's no solution that's hacker-proof. A script can be written to pull the data of one customer and re-run a million times automatically to pull the data of all the others.
Score: 2 Votes (Like | Disagree)
Capeto Avatar
Capeto
74 months ago
Yeah, I got a text message yesterday saying my info was compromised.

I hope whoever steals my identity enjoys the student loan debt!
Score: 2 Votes (Like | Disagree)
TheShadowKnows! Avatar
TheShadowKnows!
74 months ago
Beware that this is the perfect situation whereby you are the target of "spear phishing"

Here is how that would work:
[LIST=1]
* The news are out that T-Mobile servers have been compromised, and that a small fraction of subscribers will receive an email warning them that they may have been the target.
* You receive such email. The email appears to be authentic; but it is not and yet it appears crafted by T-Mobile Customer Service.
* It includes within the email body an embedded URL requesting you, the recipient, to click and login onto your T-Mobile account, and "change your password".
* The URL is fake, and points to hackers' backend servers.
* Unaware, you click and "login" with your login credentials.
* Presto, your credentials are now on the wild, and you have given the hackers a free pass to your T-Mobiel account, and posible financial information.

So beware.
Never click on embedded URLs within the body of emails.
Score: 1 Votes (Like | Disagree)
A MacBook lover Avatar
A MacBook lover
74 months ago
Here’s a great idea, stop centralizing databases.

Decentralize the customer information so they have direct access.

That wau when a hacker comes around, it’s not just one or two targets with MILLIONS of person info, instead they would need to target one person at a time
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 18 Siri Integrated Feature

iOS 18 Will Add These New Features to Your iPhone

Friday April 12, 2024 11:11 am PDT by
iOS 18 is expected to be the "biggest" update in the iPhone's history. Below, we recap rumored features and changes for the iPhone. iOS 18 is rumored to include new generative AI features for Siri and many apps, and Apple plans to add RCS support to the Messages app for an improved texting experience between iPhones and Android devices. The update is also expected to introduce a more...
Read Full Article
Delta Feature

Delta Game Emulator Now Available From App Store on iPhone

Wednesday April 17, 2024 9:58 am PDT by
Game emulator apps have come and gone since Apple announced App Store support for them on April 5, but now popular game emulator Delta from developer Riley Testut is available for download. Testut is known as the developer behind GBA4iOS, an open-source emulator that was available for a brief time more than a decade ago. GBA4iOS led to Delta, an emulator that has been available outside of...
Read Full Article165 comments
iOS NES Emulator Bimmy Feature

NES Emulator for iPhone and iPad Now Available on App Store [Removed]

Tuesday April 16, 2024 11:33 am PDT by
The first approved Nintendo Entertainment System (NES) emulator for the iPhone and iPad was made available on the App Store today following Apple's rule change. The emulator is called Bimmy, and it was developed by Tom Salvo. On the App Store, Bimmy is described as a tool for testing and playing public domain/"homebrew" games created for the NES, but the app allows you to load ROMs for any...
Read Full Article229 comments
iGBA Feature

Apple Removes Game Boy Emulator iGBA From App Store Due to Spam and Copyright Violations

Sunday April 14, 2024 9:22 pm PDT by
Apple today said it removed Game Boy emulator iGBA from the App Store for violating the company's App Review Guidelines related to spam (section 4.3) and copyright (section 5.2), but it did not provide any specific details. iGBA was a copycat version of developer Riley Testut's open-source GBA4iOS app. The emulator rose to the top of the App Store charts following its release this weekend,...
Read Full Article135 comments
iPhone 15 Pro Action Button Translate

All iPhone 16 Models to Feature Action Button, But Usefulness Debated

Tuesday April 16, 2024 6:54 am PDT by
Last September, Apple's iPhone 15 Pro models debuted with a new customizable Action button, offering faster access to a handful of functions, as well as the ability to assign Shortcuts. Apple is poised to include the feature on all upcoming iPhone 16 models, so we asked iPhone 15 Pro users what their experience has been with the additional button so far. The Action button replaces the switch ...
Read Full Article103 comments
iGBA Feature

Game Boy Emulator for iPhone Now Available in App Store Following Rule Change [Removed]

Sunday April 14, 2024 8:06 am PDT by
A week after Apple updated its App Review Guidelines to permit retro game console emulators, a Game Boy emulator for the iPhone called iGBA has appeared in the App Store worldwide. The emulator is already one of the top free apps on the App Store charts. It was not entirely clear if Apple would allow emulators to work with all and any games, but iGBA is able to load any Game Boy ROMs that...
Read Full Article106 comments