Another day, another security breach. On Monday, August 20th, T-Mobile revealed that they suffered a security breach.
Leaked personal information included customers’ name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid) for up to 2 million T-Mobile customers.
Spear Phish Threat
Although no financial information such as credit card numbers, social security numbers, or passwords was exposed, the information that was compromised is all a cybercriminal needs to create a convincing spear-phishing email.
T-Mobile’s cybersecurity team discovered and shut down an “unauthorized capture of some information” this past Monday. It has not been published how the hackers were able to get into the servers.
Unknown hackers, part of “an international group,” somehow gained access to T-Mobile’s servers’ Application Program Interface (API). This API didn’t contain financial data or other sensitive information and was shut down very quickly.
Out of 77 million customers, 3% of them were affected by this security breach.
“We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access,” T-Mobile said. “We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you.”
T-Mobile informed law enforcement about the security breach. They are also notifying affected customers directly through SMS message, a letter in the mail, or a phone call.
T-Mobile is encouraging customers to reach out to Customer Service through 611 for any information regarding this security breach.
Original Article Found Here.