US-based telecom giant T-Mobile has suffered yet another data
breach incident that recently exposed personal and accounts
information of both its employees and customers to unknown
hackers.
What happened? In a breach notification posted on its
website, T-Mobile today said its cybersecurity team recently
discovered a sophisticated cyberattack against the email accounts
of some of its employees that resulted in unauthorized access to
the sensitive information contained in it, including details for
its customers and other employees.
Although the telecom company did not disclose how the breach
happened, when it happened, and exactly how many employees and
users were affected, it did confirm that
the leaked information on its users doesn’t contain financial
information like credit card and Social Security numbers.
[1]
What type of information was accessed? The exposed data of
an undisclosed number of affected users include their:
- names,
- phone numbers,
- account numbers,
- rate plans and features, and
- billing information.
What is T-Mobile now doing? The company took necessary
steps to shut down the unauthorized access upon discovery and
immediately notified law enforcement of the security breach
incident.
T-Mobile also immediately launched a forensic investigation to
determine the extent of the breach incident, a report of which is
expected to be released soon..
“We regret that this incident occurred. We take the security of
your information very seriously, and while we have a number of
safeguards in place to protect customer information from
unauthorized access, we are also always working to further enhance
security so we can stay ahead of this type of activity,” the
company said.
The company is notifying
affected customers of the breach incident.
[2]
What should you do now? Though T-Mobile said it does not
have any evidence of the stolen information being used to commit
fraud or otherwise misused, it still advises users to change
PIN/passcode to access their accounts as a precaution.
Affected customers should also be suspicious of phishing emails,
which are usually the next step of cybercriminals in an attempt to
trick users into giving away their passwords and credit card
information.
Although the T-Mobile data breach incident did not expose any
financial information of affected customers, it is always a good
idea to be vigilant and keep a close eye on your bank and payment
card statements for any unusual activity and report to the bank if
you find any.
The incident comes in less than six months after the telecom
giant suffered a significant data
breach[3] that exposed the
personal information of some of the customers using its prepaid
services.
In August 2018, the company also disclosed a data breach that
affected roughly two million
customers.
[4]
References
- ^
confirm that
(www.t-mobile.com) - ^
notifying
(www.reddit.com) - ^
significant data breach
(thehackernews.com) - ^
two million customers
(thehackernews.com)