T-Mobile, an US telecom company, recently experienced a security breach in which some of its customers had their information, including “call-related information,” exposed online, its fourth since 2018.
Although it isn’t clear exactly how the hackers gained access to the data, T-Mobile said it has employed an external cybersecurity firm to conduct an investigation.
What information was involved in the security breach?
Earlier this week, the US telecom began sending text message to its customers about a security incident that may have impacted some of their account information, such as phone numbers, number of lines in an account, and call-related information collected by T-Mobile. However, they must remain on the lookout for any suspicious texts claiming to be from T-Mobile or messages containing links to third-party websites as cybercriminals often use the news of a data breach to launch phishing attacks.
Security Incident Notice
In an email to FOX Business, a T-Mobile spokesperson said the company notified the less than 0.2% of users affected. “We identified this attack in early December and quickly shut down the incident,” the spokesperson added.
T-Mobile provided other details in a notice of security incident on its website and explained that its security team recently discovered “malicious, unauthorized access” to its systems.
According to this statement “Customer proprietary network information (CPNI) as defined by the Federal Communications Commission (FCC) rules was accessed. The CPNI accessed may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service. As stated above, the data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs.”
Since no personal or financial information was exposed, T-Mobile is not providing free credit monitoring services, but only notifying customers, per US state laws.
Previous hacks to T-Mobile
The company added the breach, reported to have impacted approximately 200,000 users. This attack appears to be less severe than the one that occurred in March in which hackers were able to gain access to T-Mobile employee emails while also gaining access to certain financial customer data.
The company has experienced several other security breaches in recent years. In 2018, a breach impacted the personal information of two million customers, with hackers gaining access to names, billing ZIP codes, email addresses, phone numbers and account data.
In 2019, 1 million prepaid customers had their information compromised by hackers.