Starting on December 30, 2020, T-Mobile began notifying their customers via text message that a data breach exposed customers’ phone numbers and call records. The breach affected approximately 200,000 of their over 100 million customers. The data stolen is known as Customer Proprietary Network Information (CPNI). The data accessed in the incident did not include other information such as customer names, social security numbers, password or financial information.Starting on December 30, 2020, T-Mobile began notifying their customers via text message that a data breach exposed customers’ phone numbers and call records. The breach affected approximately 200,000 of their over 100 million customers. The data stolen is known as Customer Proprietary Network Information (CPNI). The data accessed in the incident did not include other information such as customer names, social security numbers, password or financial information.
Analyst Notes
The notice from T-Mobile stated that the company’s Cybersecurity team detected and quickly stopped the breach. This quick action most likely saved the company from exposing the data of more customers and prevented the attacker from gaining access to more sensitive information. While no data breach notification is easy, it is much better to have discovered and stopped the intrusion in the early stages than to let an attack go undetected for months. Companies need a strong security monitoring program in place that can detect anomalous behavior at any time and investigate the cause. Anyone who was notified by T-Mobile about being part of this incident should be on the lookout for suspicious text messages. These messages could come in various forms including looking like they are from T-Mobile asking for personal data. It is common for threat actors to use the small amount of data they stole to further the attack towards victims in an attempt to steal more data from them. If someone received a suspicious text message from T-Mobile, they should not click any links in the message or give the sender any personal data.
More about this incident can be read here: https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposed-phone-numbers-call-records/
T-Mobile’s security incident notification can be found here: https://www.t-mobile.com/responsibility/consumer-info/security-incident?cmpid=MGPO_SS_C_SVCMSG_RQ3RIG2CVRLHVICR61528
