T-Mobile's Latest Data Breach Linked to SIM Swap Attacks

Back in August, T-Mobile suffered a massive data breach impacting more than 50 million current, former, and prospective T-Mobile users, and now the cellular company is dealing with another smaller data breach incident.

tmobilelogo
Reports yesterday suggested that T-Mobile was aware of unauthorized activity affecting some customer accounts, and now, T-Mobile has confirmed that those reports were due to SIM swap attacks affecting a "very small number of customers."

In a statement to Bleeping Computer, T-Mobile said that impacted customers had been informed that they had been the victim of SIM swap attacks. In a SIM swap attack, social engineering is used to persuade T-Mobile employees to reassign the phone numbers linked to a person to someone else, allowing attackers to take over a phone number. This can be devastating, as phone numbers are often linked to email accounts, banking accounts, and other sensitive information.

We informed a very small number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed.

Unauthorized SIM swaps are unfortunately a common industry-wide occurrence, however this issue was quickly corrected by our team, using our in-place safeguards, and we proactively took additional protective measures on their behalf.

T-Mobile says that the attack has been mitigated and that the issue has now been corrected, but the company has not provided specific details on the number of customers impacted nor how the hackers were able to execute the SIM swap attacks.

In the August data breach, attackers were able to obtain phone numbers, addresses, birth dates, social security numbers, driver's license and ID info, IMEI numbers, and IMSI numbers for more than 50 million people, with the information offered up for sale.

T-Mobile CEO Mike Sievert apologized for the breach at the time, and said that T-Mobile was "truly sorry" for the incident, which was the result of a "bad actor" who used knowledge of T-Mobile's technical systems to gain access to testing environments, using brute force attacks to access T-Mobile's IT servers.

To prevent future attacks, T-Mobile entered into a long-term partnership with cybersecurity experts at Mandiant and with consulting firm KPMG LLP, and the company said that it was planning a multi-year investment to improve security.

Top Rated Comments

sw1tcher Avatar
3 weeks ago

No wonder Apple wants to transition into eSim
eSIM is not going to 100% prevent SIM swap attacks.

The weak link is the customer service rep approving the swap.
Score: 22 Votes (Like | Disagree)
VulchR Avatar
3 weeks ago
Time to start compensating people directly and substantially when their data are hacked.
Score: 19 Votes (Like | Disagree)
noone Avatar
3 weeks ago
I think its about time TMobile gets heavily fined for every data breach they have. I understand that, despite best efforts, things can happen. But TMobile gets hit over and over and over and over and over again. At this point its pure negligence.
Score: 14 Votes (Like | Disagree)
BigBlur Avatar
3 weeks ago
Just curious, how does eSIM solve this? It’s not like they are actually swapping physical SIM cards…
Score: 14 Votes (Like | Disagree)
Apple$ Avatar
3 weeks ago
Maybe it's time for Apple to start their own MVNO company. At least in the US.
Score: 13 Votes (Like | Disagree)
jz0309 Avatar
3 weeks ago
Guess their engagement with cyber security experts is not working yet…
Score: 12 Votes (Like | Disagree)

Related Stories

tmobilelogo

T-Mobile CEO Apologizes for Data Breach, Shares Info on Future Security Plans

Friday August 27, 2021 1:03 pm PDT by
T-Mobile CEO Mike Sievert today penned a letter to T-Mobile customers apologizing for the recent data breach that impacted more than 50 million current, former, and prospective T-Mobile users. Data that included names, phone numbers, addresses, birth dates, social security numbers, driver's license and ID info, IMEI numbers, and IMSI numbers was stolen and has been offered for sale. "We...
tmobilelogo

T-Mobile Says an Additional 5.3 Million Customer Accounts Were Compromised in Data Breach

Friday August 20, 2021 9:21 am PDT by
T-Mobile earlier this week shared details on a data breach where hackers gained access to the personal information of close to 50 million current, former, and prospective customers. At the time, T-Mobile said that data from 7.8 million current customers had been compromised, as well as information from 40 million former or potential customers. In an updated statement provided today, T-Mobile ...
apple security banner

Apple Reportedly Notified Some U.S. State Department Employees They May Have Been Targeted by NSO Group Spyware

Friday December 3, 2021 8:56 am PST by
Apple has notified at least nine U.S. Department of State employees that they may have been targeted by state-sponsored spyware created by Israeli company NSO Group, according to a Reuters report citing four people familiar with the matter. A spokesperson for NSO Group told Reuters that it will investigate and take legal action against customers using its tools illegally if necessary."If our ...
apple security banner

Apple Outlines How It Will Notify Users Who Have Been Targeted by State-Sponsored Spyware Attacks

Tuesday November 23, 2021 8:15 pm PST by
Earlier today, Apple announced that it had filed suit against NSO Group, the firm responsible for the Pegasus spyware that has been used in state-sponsored surveillance campaigns in a number of countries. NSO Group seeks to take advantage of vulnerabilities in iOS and other platforms to infiltrate the devices of targeted users such as journalists, activists, dissidents, academics, and government...
iphone 12 sim card slot

Apple Allegedly Preparing for iPhones Without SIM Card Slot by September 2022 [Updated]

Sunday December 26, 2021 8:13 pm PST by
Earlier this week, a rumor from Brazilian website Blog do iPhone claimed that iPhone 15 Pro models might not have a physical SIM card slot in at least some countries and regions, but the change might happen even sooner. Image: iFixit An anonymous tipster informed MacRumors that Apple has advised major U.S. carriers to prepare for the launch of eSIM-only smartphones by September 2022. The...
tmobilelogo

T-Mobile's Security is 'Awful' Says Hacker Who Stole Data From 50 Million Customers

Thursday August 26, 2021 12:06 pm PDT by
T-Mobile recently suffered a significant data breach that saw sensitive data from more than 50 million current, prospective, and former customers stolen. John Binns, a 21-year-old American who lives in Turkey, told The Wall Street Journal that he is responsible for the attack. Binns said that he discovered an unprotected router in July after scanning T-Mobile's known internet addresses for...
tmobilelogo

T-Mobile Data Breach Included Personal Information of Almost 50 Million Customers

Wednesday August 18, 2021 5:41 am PDT by
T-Mobile has issued a statement with further details about a cyberattack that the company confirmed earlier this week, confirming that the data breach included the personal information of almost 50 million current, former, and prospective customers. Late last week, T-Mobile confirmed that a forum post that purported to offer data from more than 100 million people was the result of a company...
iphone 12 sim card slot

Sketchy Rumor Claims iPhone 15 Pro Won't Have Physical SIM Card Slot

Friday December 24, 2021 9:13 am PST by
iPhone 15 Pro models may lack a physical SIM card slot, according to a sketchy rumor shared by Brazilian website Blog do iPhone. Image Credit: iFixit While recent iPhone models have a physical nano-SIM card slot and a digital eSIM, the report claims that iPhone 15 Pro models slated for release in 2023 will instead have two eSIMs, ensuring that Dual-SIM functionality remains available....

Popular Stories

iPhone 14 Mock pill and hole thumb

ProMotion Now Expected to Remain Exclusive to iPhone 14 Pro Models, Not Expand to Entire Lineup

Sunday January 16, 2022 8:56 am PST by
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst. Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
safari icon blue banner

Safari Bug Allows Websites to Track Your Recent Browsing Activity in Real Time [Updated]

Sunday January 16, 2022 3:37 pm PST by
A bug in WebKit's implementation of a JavaScript API called IndexedDB can reveal your recent browsing history and even your identity, according to a blog post shared on Friday by browser fingerprinting service FingerprintJS. In a nutshell, the bug allows any website that uses IndexedDB to access the names of IndexedDB databases generated by other websites during a user's browsing session....
ipad air 4 video

New iPad Air Rumored to Launch This Spring With A15 Chip, 5G, Center Stage Camera, and More

Saturday January 15, 2022 8:05 pm PST by
Apple is planning to release a fifth-generation iPad Air with similar features as the sixth-generation iPad mini, including an A15 Bionic chip, 12-megapixel Ultra Wide front camera with Center Stage support, 5G for cellular models, and Quad-LED True Tone flash, according to Japanese blog Mac Otakara. Citing reliables sources in China, the report claims that the new iPad Air could be...
Unlikely Products 2022 Feature

Six Rumored Apple Products You're Unlikely to See This Year

Saturday January 15, 2022 2:06 pm PST by
Much has been said about what consumers could see from Apple in 2022, but the company is also working on a handful of rumored products that aren't expected to be unveiled for at least another 12 months, and in some cases a lot longer. Of course, that's assuming they get released at all. Apple works on many potential products some of which ultimately never see the light of day. With that in...
AirPods Pro Gen 3 Mock Feature Red

AirPods Pro 2 Could Start a New Accessory Ecosystem

Friday January 14, 2022 2:34 am PST by
Apple's second-generation AirPods Pro could arrive alongside a new series of accessories, recent leaked images suggest. Alleged leaked photos of the next-generation AirPods Pro obtained by MacRumors showed a charging case with a metal loop on the side for attaching a strap. Apple has not used this design for any of its other AirPod models and it is unclear why it would be added in this...
netflix2

Netflix Again Raises Prices for All Plans, 4K Streaming Now $20 Per Month

Friday January 14, 2022 12:46 pm PST by
Netflix today updated the prices for its streaming plans, and all of its offerings are now more expensive. The Basic plan is now priced at $9.99 per month, the Standard plan is priced at $15.49 per month, and the Premium plan is priced at $19.99 per month. The Basic plan is $1 more expensive, up from $8.99 per month. This plan allows users to watch on just one screen at a time, and it limits ...
tesla carplay solution

Developer Showcases Apple CarPlay Workaround for Teslas

Monday January 17, 2022 7:24 am PST by
A Tesla Model 3 owner has resorted to a workaround to implement Apple CarPlay in his vehicle, amid no sign of official support from Tesla (via Tesla North). Apple CarPlay and Apple Music support are among the most-requested Tesla features, but with no indication that Tesla is willing to implement Apple CarPlay in its vehicles, Polish developer Michał Gapiński took matters into his own...
top stories 20220115

Top Stories: iPhone 14 Pro Rumors, iCloud Private Relay Controversy, iOS 15.2.1 Released, and More

Saturday January 15, 2022 6:00 am PST by
Hole-punch? Pill? Hole-punch and pill? Rumors about what the front camera system on the iPhone 14 Pro will look like are evolving rapidly, and it now appears we might be getting a novel but potentially controversial design later this year. Other major stories this week included some confusion and controversy about iCloud Private Relay being disabled for some T-Mobile customers, increasing...