4920 Constellation Drive
White Bear Township, MN 55127-2218
help@chipscs.com | 651.407.8555
Schedule Now
The T-Mobile data breach in August 2021 was massive. Find out what data was stolen, what T-Mobile is doing to help customers affected by the breach, and how to protect yourself even if you are not a breach victim.
On August 15, 2021, the world first learned about the massive T-Mobile data breach. The disclosure came from a most unusual source — the hackers who pulled off the data heist. The cybercriminals told BleepingComputer that they hacked into T-Mobile’s production, staging, and development servers and stole the personal data of millions of T-Mobile customers. A day later, T-Mobile confirmed that its systems had indeed been attacked and some of its data stolen. Later updates revealed that the stolen data included personal information about T-Mobile and Metro by T-Mobile customers.
What Was Stolen
In the August 2021 data breach, hackers stole the personal data of more than 54 million past, present, and prospective T-Mobile customers. In addition, data about 52,000 current Metro by T-Mobile customers was taken.
The types of data stolen is a good news/bad news situation. First, the good news: No financial information was included. “We have no indication that personal financial or payment information, credit or debit card information, account numbers, or account passwords were accessed,” stated T-Mobile.
Now, the bad news: Highly sensitive ID numbers were taken, including Social Security and driver license numbers. “The exact personal information accessed varies by individual,” according to T-Mobile. “We have determined that the types of impacted information include: names, drivers’ licenses, government identification numbers, Social Security numbers, dates of birth, T-Mobile prepaid PINs (which have already been reset to protect you), addresses and phone number(s).”
In addition, International Mobile Subscriber Identity (IMSI) and International Mobile Equipment Identity (IMEI) numbers were stolen. IMSI numbers are used to identify the users of a cellular network, whereas IMEI numbers are used to identify the devices on a cellular network.
Hackers have put all the stolen data up for sale on the dark web.
What T-Mobile Is Doing to Help Customers
T-Mobile has already sent notifications to current customers involved in the data breach. Current customers who were not affected by the breach will see a banner on their MyT-Mobile.com account login page telling them so. At the time of this writing, T-Mobile is in the process of notifying former and prospective customers affected by the breach.
Besides letting customers know whether or not their data has been stolen, T-Mobile is:
T-Mobile set up a web page that provides links to these and other resources.
What Is Being Done to Prevent Another Attack
To prevent a similar attack in the future, T-Mobile conducted a forensic investigation of the data breach, with assistance from the cybersecurity firm Mandiant. The telecom giant has not disclosed too many details about the data breach since there is a criminal investigation underway. However, it did divulge that the cybercriminals gained access to the company’s IT network through the testing environment. They then used brute force attacks and other techniques to access the servers containing the customer data.
T-Mobile has closed the entry points that the hackers used to gain access to the various servers. It has also entered into long-term partnerships with Mandiant and KPMG, a cybersecurity consulting firm. “I am confident in these partnerships and optimistic about the opportunity they present to help us come out of this terrible event in a much stronger place with improved security measures,” said T-Mobile CEO Mike Sievert.
This help is sorely needed. The August 2021 incident is the fifth major data breach at T-Mobile in the last three years. Hackers stole the personal data of 2 million customers in November 2018. A year later an undisclosed number of customers using the company’s prepaid services had their personal information pilfered. Then, in March 2020, both customers and employees had their names, addresses, account numbers, and other data stolen. Nine months later roughly 200,000 customers had their phone numbers, call records, and other Customer Proprietary Network Information (CPNI) breached.
This disturbing trend coupled with the fact that T-Mobile violated the California Consumer Privacy Act is helping fuel lawsuits against the company. Two class-action lawsuits have already been filed, with many more likely to come.
Ways Everyone Can Protect Themselves
There is little you can personally do to stop cybercriminals from hacking into companies’ databases and stealing your personal data. However, there are measures you can take to minimize the damage if you find out you are a data breach victim:
T-Mobile flickr photo by JeepersMedia shared under a Creative Commons (BY) license