On Thursday, 19th January 2023, German telecommunications company T-Mobile announced that they have been affected by a massive data breach with an estimated 37 million customer accounts compromised. T-Mobile had faced similar attacks before too as on August 16, 2021, a hacker gained unauthorised access to the personal information of more than 76 million Americans. As a result of the attack in 2021, the company decided to spend $150 million on updated cybersecurity procedures and systems on top of $350 million to satisfy customer grievances.
As per the Wall Street Journal, John Binns, a 21-year old American hacker, subsequently claimed ownership of the breach crime with 37 million T-mobile accounts compromised. In connection with the data breaches, several lawsuits have been filed. The company has reported that names, addresses, phone numbers, email addresses, dates of birth, T-Mobile account numbers, the number of connections on the account, and plan details are among the stolen data. However, customers can be rest assured that the incident did not compromise any sensitive information, like social security numbers, credit card numbers, governmental ID numbers, credentials or passwords, PINs, or bank account information.
“The hacker probably started collecting data on November 25 2022 using an API, a common piece of code that allows the software to interface with other programmes”, claims the company. Just one month ago, hackers used an API flaw existing since June 2021 to gain access to the accounts and credentials of nearly 235 million Twitter users. Organisations can’t afford to rely on outdated cybersecurity solutions while upgrading to modern solutions is unfortunately easier said than done.
Also Read: How to Block Number from Calling and Texting on T-Mobile
The telecommunications firm acknowledged that the hack could lead to significant expenses, but it doesn’t believe these costs will materially affect T-Mobile’s bottom line. The major concern with this massive data breach is that cybercriminals might misuse the information acquired along with other material that has been obtained unscrupulously, or that is publicly available in order to defraud people of their finances or identities.
With investigations still ongoing for T-Mobile affected by a massive data breach with 37 Million accounts compromised, the malicious activity is reported to be fully under control at the moment. Since there is currently no proof that the hacker involved was able to breach their systems or network, further investigations should help uncover the truth behind this entire ordeal.