The Saga of T-Mobile Data Breach

  • By David Lukic
  • Aug 17, 2020

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, 2015 and the second one on August 20, 2018, and lastly in 2019 and 2020. These incidents were responsible for exposing millions of consumers personal data.

If it wasn’t bad enough that from 2013 until 2015, T-Mobile customers’ information was accessed through the Experian data breach, T-Mobile experienced its own data breach in 2018, affecting 2 million customers. The Experian incident was far more severe, affecting 15 million customers and exposing things like social security numbers, passport and driver’s license numbers as well as financial data. The 2018 T-Mobile data breach, however, only afforded cybercriminals things like names, billing addresses and zip codes, dates of birth, phone numbers, email addresses, account numbers, and the account types. T-Mobile later admitted the hackers also got away with encrypted passwords. The in-house T-Mobile security team shut down the breach quickly and notified customers through text messages. Moreover, prepaid customers of T-Mobile in 2019 saw their data get breached where about a million people witnessed identity theft. And lastly, in 2020, the incident of T-Mobile became one of the biggest Data Breaches of the year.

t mobile data breach

When Was the T-Mobile Data Breach?

The original Experian data breach, which affected more than 15 million T-Mobile customers, took place between September 1, 2013, and September 16, 2015. 

The latest breach occurred on Monday, August 20, 2018, and thankfully, the cybersecurity team shut it down quickly. Security experts suspect a foreign country’s involvement. The November 2019  data breach incident was targeted towards pre-paid customers. And the most recent one, the 2020  data breach caused the identity theft of customer’s addresses, rate plans, and features, names, phone numbers, billion information, and account numbers. names and addresses, phone numbers, and account numbers.

T-Mobile Caught in Another Massive Data Breach

News spread like wildfire yesterday about the T-Mobile data breach, which appears to have been far worse than first expected. It’s also the sixth data breach for T-Mobile in just four years.

What Happened?

On Monday, T-Mobile told the press that it had experienced a data breach but was careful to say they weren’t sure if any customer data was exfiltrated in the attack. They also downplayed the damage.

T-Mobile only admitted the data breach after Vice was contacted by hackers who divulged that they were in the process of selling “full customer info” stolen from T-Mobile servers and that the total cache contained more than 100 million customers.

T-Mobile said on Sunday that it was “aware of claims made in an underground forum,” and the company was “actively investigating their validity.”

As a follow-up, the company said they had repaired the vulnerability and are working urgently to investigate the data breach to assess the damage.

In its statement to the press, T-Mobile said,

“Until we have completed this assessment, we cannot confirm the reported number of records affected or the validity of statements made by others.”

T-Mobile elaborated with,

“We have determined that unauthorized access to some T-Mobile data occurred, however, we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed.”

The company will alert customers and stakeholders as the story unfolds and they uncover the whole truth about the breach. However, as they work on that, T-Mobile customers remain at risk from other types of fraud.

t mobile breach

More Details from the Hackers

According to the dark web forum, hackers claim to have personal information from 100 million T-Mobile customers, including names, phone numbers, home addresses, and more sensitive data like social security numbers, driver’s license information, and IMEI numbers (unique identifiers tied to each mobile device).

According to Motherboard who first reported the breach on Sunday, hackers are already selling a portion of the 100 million T-Mobile customers’ data for 6 bitcoin, about $280,000. Motherboard confirmed the sample and said it is accurate information.

Customers and victims of this data breach could face a whole host of attacks such as phishing through email or SMS text messages, scam phone calls, along with SIM card swapping where the user’s phone number is taken over, and they can no longer use their account. Hackers could also use customer phone’s to access other accounts by intercepting text messages for authentication.

How to Check if Your Victim of T-mobile Security Breach

If you were affected, then T-Mobile already text messaged you and alerted you via mail or email. They notified customers immediately, assuring them that no credit card data, social security numbers, or other financial information was stolen. However, they first thought passwords were not affected but then later discovered they were. 

T-mobile Data Hacked? Here's What to Do

If you are a T-Mobile customer and have not yet changed your account password, do so now. You can also review this notice here that T-Mobile posted for customers regarding the incident. Additionally, you should consider the steps below to secure your account further:

  • If you have a credit card associated with your T-Mobile account, it might be prudent to cancel it and have the PIN # changed.

  • Also, watch your bank and credit card statements carefully scanning for any suspicious activity.

  • Be on the lookout for phishing emails that appear to come from T-Mobile but ask you to verify personal details or supply additional information by clicking a link or downloading an attachment. 

  • Monitor your credit reports and sign up for credit monitoring (IDStrong.com offers this service).

Can T-Mobile Data Breach Lead to Identity Theft?

Yes, the information stolen is enough for hackers to steal your identity. The first hack gave cybercriminals a lot of personal information. That data may have ended up on the dark web and combined with the new information stolen; criminals could easily assume your identity and open new accounts and charge fees under your name. And, It’s always better to be safe than sorry, and there are things you can do to protect yourself, most importantly, statistics of identity theft support these claims.

t mobile security breach

What to Do to Protect Yourself Against Cybercriminals

With all the latest data breaches in the news, it is hard to believe that all your personal information isn’t just out there floating around waiting to be used. Even if it is, you can take precautions against that information being used to steal from you, take control of your computer or steal your identity.

  • Install the best antivirus software on your computer and run scans often.
  • Be on the watch for phishing emails and scams (emails that look legitimate but sound odd or urgent).
  • Never click links or open attachments from emails.
  • Carefully monitor your bank and credit card statements, always on the lookout for fraudulent activities.
  • Do not give out your personal details to anyone you do not know well.
  • Change your computer and device passwords often and use hard-to-guess, complex ones.
  • Sign up for two-factor authentication.
  • Contact the three major credit bureaus (Experian, TransUnion, and Equifax) and initiate a fraud alert.
  • Stay alert and watch out for many different types of fraud.
  • Sign up for identity theft monitoring at once.

T-Mobile will notify customers once they have further information. However, in the meantime, customers should do everything they can to protect themselves from further harm.

About the Author
IDStrong Logo

Related Articles

Adult Friend Finder Hacked, 412 Million Accounts Exposed

Six databases that were owned by Friend Finder Networks, Inc. suffered a massive data breach in 20 ... Read More

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in t ... Read More

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. Wha ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that mu ... Read More

Latest Articles

Nelnet Data Breach Impacts 2.5 Million Students

Nelnet Data Breach Impacts 2.5 Million Students

Nelnet is a student loan service based out of Lincoln, Nebraska. Recently, it suffered a data breach that revealed the personal information of over 2.

Facebook has Been Receiving a Plethora of Medical Information

Facebook has Been Receiving a Plethora of Medical Information

In early June of 2022, the nonprofit news reporter The Markup discovered that an ad-based service, Meta Pixel, was being used by 33 of the top 100 hospitals in the US. Meta is now being sued for allegedly sending sensitive medical information to Facebook, along with two of the involved hospitals.

What is the Geek Squad Email Scam and How to Avoid It

What is the Geek Squad Email Scam and How to Avoid It

Computers are, arguably, one of the most essential items necessary for life in modernity. Through them, not only can we be entertained, but we can be informed or critiqued.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address
Close