T-Mobile has warned millions of its customers that a threat actor used an application programming interface (API) to gain access to some of their sensitive data.
In a warning posted on the company’s website, T-Mobile tried to downplay the significance of the incident, saying it obtained “basic customer information (most of which is of the type widely available in marketing databases or directories). )”.
However, the data includes people’s names, billing addresses, email addresses, phone numbers, dates of birth, and account numbers—all valuable information for identity theft. (opens in a new tab) attacks, phishing and similar social engineering attacks.
Millions of victims
Passwords, payment card information, Social Security numbers, government identification numbers, as well as financial account information remained secure, the company confirmed. It also said that its investigation concluded that there was no evidence of a breach in its networks or systems.
While the warning does not say how many people were affected by the breach and what types of accounts were compromised, data on a total of 37 million customers was accessed, including prepaid and postpaid customers.
The attack took place between November 25, 2022, and January 5, 2023. It was January 6 when T-Mobile finally cut off access for threat actors.
The company reported the attack to both law enforcement and US federal agencies, whose investigation is now ongoing, it was said. T-Mobile also added that it began notifying customers that they may have had their data compromised.
The German telecom giant’s record of data breaches is far from ideal. The company has had several incidents over the years, including one in 2018, one in 2019, and at least three in 2020. In 2021, the company was found to have paid hundreds of thousands of dollars to keep its sensitive data from leaking. to the web. , which happened anyway, and a year later, in 2022, he confirmed being a target of the extortion gang Lapsus$.
Via: BleepingTeam (opens in a new tab)