The telecommunications provider "T-Mobile" revealed that it suffered data breach, after realizing that some of his customers had fallen victim to SIM swapping attacks. Scammers carry out SIM swapping attacks with the aim of taking control of the victims' phone numbers, tricking company employees into transferring them to a rogue-controlled SIM. Once a SIM card is breached, the hackers they can steal money, cryptobodies and personal information, including contacts that are synchronized with online accounts. Cybercriminals could also violate SOCIAL MEDIA accounts and bypass 2FA-based services SMS used by online services.
Strangers have gained access to customer account information, including personal information and personal identification numbers (PINs), and T-Mobile has already informed affected customers. Specifically, the company states in its relevant notice the following: "Recently, we detected unauthorized activity on your T-Mobile account during which a stranger gained access to your account information, including your personal information and personal identification number (PIN). "T-Mobile immediately discovered and terminated the unauthorized activity, however, we recommend that you change your account PIN."
Exposed information may include full name, address, residence or address e-mail, account number, social security number, personal account identification number (PIN), account security questions and answers, date of birth, program information and number of clients associated with the account.
In accordance with Bleeping Computer, hackers used an internal application T-Mobile to target up to 400 customers in SIM swapping attack attempts. It should be noted, however, that the security breach did not affect business customers.
Therefore, affected T-Mobile customers are advised to change it password, their PIN and security questions. In addition, T-Mobile offers two years of free credit tracking and identity theft services to affected customers.
This is not the first time the mobile phone company has suffered a data breach.
- In 2017, hackers stole personal information from T-Mobile customers taking advantage of a well-known vulnerability. By exploiting the vulnerability the attackers were able to gain access to data specific customers, including email addresses, billing account numbers, and IMSI phone numbers. Such information could be used by malicious agents in social engineering attacks on T-Mobile customer support staff, with the aim of stealing the victim's phone number.
- In May 2018, an error on T-Mobile's site allowed malicious agents to gain access to any customer's personal account information by providing a phone number.
- In August 2018, T-Mobile suffered a security breach that exposed the personal data of up to 2 million T-Mobile customers.
- In November 2019, T-Mobile revealed a security breach that, according to the company, affected a small number of customers of its prepaid service.
- In March 2020, T-Mobile fell victim to a sophisticated cyber attack targeting its email provider. A data breach alert posted by the telecommunications giant on its site revealed that the breach of security affected both employees and customers.
- Finally, in December 2020, the company revealed a new data breach that exposed customer network information (CPNI), including phone numbers and call logs.