A new T-Mobile hack exposed private customer information

No matter how careful you are with your online accounts, there’s only so much that you can do to protect yourself. We leave the rest up to the companies that maintain those accounts, and they are anything but perfect.

For example, in August, T-Mobile was the victim of a massive data breach that affected nearly 50 million customers. The FCC even launched an investigation.

The bad news is that the carrier is still vulnerable, as T-Mobile has reportedly uncovered a new hack.

Earlier this week, The T-Mo Report obtained internal documents regarding a recent T-Mobile hack. The documents state T-Mobile sent “a small number” of customers a letter to warn them of unauthorized activity on their accounts. The carrier separated the customers into three categories:

The hackers were able to view the account information of some customers. T-Mobile refers to the information as customer proprietary network information, or CPNI. It includes the billing account name, phone number, the number of lines on the account, T-Mobile account number, rate plan name, and monthly recurring charges.

The second category includes customers who had their SIM cards swapped by a threat actor. If a hacker is able to change the SIM card associated with a T-Mobile customer’s number, they might take control of the customer’s number. This is especially worrying because the hacker can then access other accounts by using two-factor authentication codes sent to the number.

The third and final category includes customers who fall into both of the other two categories.

Unlike the data breach in August, T-Mobile hasn’t issued any public statements about this hack. The carrier did send letters to every affected customer. But the fact that we haven’t heard anything from those customers would suggest that this hack is far less widespread.

T-Mobile’s August 2021 data breach

If a significant number of customers were affected, T-Mobile likely would have notified the public by now. Meanwhile, the carrier hasn’t updated its blog for over a week.

The last time the carrier reported a hack, T-Mobile CEO Mike Sievert wrote a lengthy post on the matter. Here is the executive’s explanation for what happened:

On August 17th we confirmed that T-Mobile’s systems were subject to a criminal cyberattack that compromised data of millions of our customers, former customers, and prospective customers. Fortunately, the breach did not expose any customer financial information, credit card information, debit or other payment information but, like so many breaches before, some SSN, name, address, date of birth and driver’s license/ID information was compromised. To say we are disappointed and frustrated that this happened is an understatement. Keeping our customers’ data safe is a responsibility we take incredibly seriously and preventing this type of event from happening has always been a top priority of ours. Unfortunately, this time we were not successful.

We’ll be on the lookout for official word from T-Mobile about the latest hack. In the meantime, if you’re a T-Mobile subscriber, keep an eye out for messages from the carrier.