T-Mobile CEO Apologizes for Data Breach, Shares Info on Future Security Plans

T-Mobile CEO Mike Sievert today penned a letter to T-Mobile customers apologizing for the recent data breach that impacted more than 50 million current, former, and prospective T-Mobile users.

tmobilelogo
Data that included names, phone numbers, addresses, birth dates, social security numbers, driver's license and ID info, IMEI numbers, and IMSI numbers was stolen and has been offered for sale.

"We didn't live up to the expectations we have for ourselves to protect our customers," wrote Sievert. "Knowing that we failed to prevent this exposure is one of the hardest parts of this event. On behalf of everyone at Team Magenta, I want to say we are truly sorry."

He went on to say that T-Mobile is "disappointed and frustrated" and that keeping customer data safe is a responsibility that is taken "incredibly seriously." Preventing attacks is a "top priority" for the company.

The hacker who claims to have attacked T-Mobile's servers yesterday said that T-Mobile's security is "awful." The hacker said that he discovered an unprotected T-Mobile router in July and used that to access T-Mobile's data center in Washington, where he was able to get in using stored credentials.

Sievert said that T-Mobile is coordinating with law enforcement on a criminal investigation, and that the company is unable to disclose specific details at this time.

What we can share is that, in simplest terms, the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.

T-Mobile has now notified every current T-Mobile customer about the data breach, and is working to notify former and prospective customers. Those affected can visit T-Mobile's website dedicated to the attack, which provides tools for signing up for free McAfee ID Theft Protection, setting up Scam Shield, and using the Account Takeover Protection service.

In an attempt to prevent future attacks, T-Mobile has entered long-term partnerships with cybersecurity experts at Mandiant and with consulting firm KPMG LLP. T-Mobile is planning a multi-year investment into beefing up its security.

Popular Stories

iPhone 17 Pro Dual Tone Feature 1

iPhone 17 Pro Launching Later This Year With These 8 New Features

Thursday January 9, 2025 5:45 am PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models as of January 2025: More aluminum: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models ...
HomePod mini and Apple TV

HomePod Mini 2 and New Apple TV Launch Timeframe Narrowed Down

Sunday January 12, 2025 4:11 pm PST by
Bloomberg's Mark Gurman recently reported that Apple plans to release new HomePod mini and Apple TV models this year, and now he has provided a more precise timeframe. In his Power On newsletter today, Gurman said Apple is currently aiming to launch the new HomePod mini and Apple TV models "toward the end of the year." That timeframe suggests the devices will be released at some point...
AppleEventLogoFeature

Apple Focusing on These Eight New Low-Cost Devices in 2025

Saturday January 11, 2025 1:00 am PST by
Apple's slate of 2025 products look to be dominated by a large number of low-cost and entry-level devices. Here's what to expect. With advancements like Apple Intelligence and all-new in-house chip designs, Apple is reportedly looking to enhance many of its budget-friendly offerings, ensuring they remain competitive in an increasingly crowded market. These updates also indicate a slight...
iPhone 17 Pro Dual Tone Horizontal 1

iPhone 17 Pro Main Camera Sensor 'Smaller' Than iPhone 16 Pro Sensor

Friday January 10, 2025 3:14 am PST by
This year's iPhone 17 Pro models will feature a smaller main camera sensor than the one used in the Fusion camera currently found in iPhone 16 Pro models, according to Weibo-based leaker Digital Chat Station. The Chinese leaker claims that Apple will adopt a 1/1.3" sensor for the 48MP main camera in the iPhone 17 Pro and iPhone 17 Pro Max, down from the 1/1.28" sensor used in the iPhone 16...
se 4 for 2025

When to Expect the iPhone SE 4 or So-Called 'iPhone 16E' to Launch

Friday January 10, 2025 9:20 am PST by
Apple is widely rumored to be planning a new iPhone SE, and multiple sources lately have commented on the device's launch timing. The latest word comes from Apple supply chain analyst Ming-Chi Kuo. In a blog post today, he said the device will be released around the middle of the first half of 2025. In other words, around the quarter mark of 2025. That means the next iPhone SE will likely be ...
airpods pro 2 botw

Hearing a Mysterious Chime From Your AirPods Pro Case? It's a Feature

Thursday January 9, 2025 3:42 pm PST by
If you've been hearing a chiming sound from your AirPods Pro 2 case when the AirPods are charging, it's a feature that Apple added with the launch of Hearing Health last year. In a support guide, Apple says that the AirPods Pro may play a sound every so often while in the case to ensure the microphones and speakers are working as intended. From Apple: To help ensure that your AirPods...
Generic iOS 18

iOS 18.3 Coming Soon: Here's What's New

Monday January 13, 2025 5:33 am PST by
iOS 18.3 is currently in beta for developers and public beta testers. So far, the upcoming iPhone software update is very minor in scope. Below, we outline what is new in iOS 18.3 so far. The only potential new feature coming to iPhones with iOS 18.3 so far is robot vacuum support in the Home app, but this functionality is not yet live. Apple is laying the groundwork for the feature,...
apple pay feature dynamic island

Apple Pay Now Lets You Pay Later With Synchrony [Updated]

Friday January 10, 2025 11:34 am PST by
Synchrony is now available as a buy-now, pay-later option when checking out with Apple Pay online and in apps on iPhone and iPad. Synchrony was added to a list of Apple Pay installment providers in the U.S. in an Apple support document that was updated today, joining Affirm and Klarna. The addition was spotted by MacRumors contributor Aaron Perris. iOS 18 and iPadOS 18 users can select...

Top Rated Comments

benh911f Avatar
44 months ago
I hate when these companies release statements after the fact saying how important keeping customer info safe and secure is. Just so disingenuous when it clearly isn’t important to them at all.
Score: 25 Votes (Like | Disagree)
velocityg4 Avatar
44 months ago
T-Mobile: We're now upgrading to Windows 98 and installing Norton Utilities. Plus enforcing four digit numerical passwords for all administrators. Everything should be good now.
Score: 24 Votes (Like | Disagree)
nutmac Avatar
44 months ago
All empty words.

T-Mobile should minimally implement:

* Non-SMS 2FA: Integrate with more secure 3rd party SSO like Apple or Google, and allow customers to use only RFC-6238 without the SMS fallback.
* Automated PIN Entry: Currently, T-Mobile representative asks customers to recite the PIN. A bank teller would never ask for your PIN. The entry should be done by an automated system.
* Close the Backdoors: T-Mobile representative can bypass the PIN and reset it with easily hacked info like social security number and mother's maiden name. Resetting them should require third party knowledge-based authentication service.
* Data minimization: Do not store sensitive info like social security number, birthdate, and driver's license. Customers should be required to enter these information whenever T-Mobile needs to pull credit report.
* Data retention: When a customer leaves, encrypt and archive their data to entirely separate system that requires more stringent access control. And allow customers to delete them indefinitely.
Score: 12 Votes (Like | Disagree)
Think|Different Avatar
44 months ago
I mean, I could switch but, these days, whoever I switched to could have the same thing happen during the first week. This stinks and is unacceptable but I can’t say it’s an obvious decision to ditch them.
Score: 6 Votes (Like | Disagree)
justperry Avatar
44 months ago
[HEADING=2]Apologizes Until it happens again...and again...and yet again.[/HEADING]
Score: 5 Votes (Like | Disagree)
mapsdotapp Avatar
44 months ago
T-Mobile does have terrible security, even from a consumer’s perspective. They support TOTP tokens for two-factor authentication, but even if one enables it you can still use SMS as a fallback. This defeats the whole point as SMS has known vulnerabilities and is deprecated as a 2FA measure by NIST. Oh and by the way, your Apple ID has this vulnerability too. Hope your phone number is secure.
Score: 4 Votes (Like | Disagree)