T-Mobile Suffers Potential Data Breach; Over 100 Million Possibly Affected

T-Mobile Suffers Potential Data Breach; Over 100 Million Possibly Affected

Yesterday, T-Mobile confirmed investigating a potential data breach that could affect more than 100 million customers. Motherboard originally broke this story. 

T-Mobile began its investigation into a potential breach after learning of a hacker claiming to be selling a trove of its customers’ data. Motherboard, upon examining some of the allegedly stolen data, believes the data to be authentic.  If confirmed, the breach would affect nearly every T-Mobile customer and would expose sensitive information such as driver license info and Social Security Numbers. 

The hacker appears to be selling the information of 30 million accounts for 6 bitcoins (approximately $270,000) and selling the rest through private channels. 

For more on this potentially devastating breach, we turn to the cybersecurity experts. 

T-Mobile Suffers Potential Data Breach; Over 100 Million Possibly Affected

Trevor Morgan

Trevor Morgan is Product Manager at comforte AG

“The reported data breach affecting T-Mobile and T-Mobile customers could have significant repercussions across the board. While more details still need to be substantiated (and T-Mobile says they are actively investigating the incident), T-Mobile customers should do what they can to protect against any further compromise by locking down personal credit and other accounts and exercising hyper-vigilance in the days and weeks to come. For T-Mobile, the situation brings up privacy concerns and questions about the level of due diligence they’ve enacted to prevent hacks and data breaches—the outcome, depending on the facts, could include fines, legal action, and of course reputational damage.

The average enterprise, though, has an opportunity to learn from this. T-Mobile is an international company with ample resources at its disposal to prevent situations such as this, but the truth of the matter is that hacks and breaches are inevitable even for the most well-protected enterprise. Defensive methods such as protecting perimeters around data are not fool-proof, and a determined threat actor can always find ways to circumvent this type of data security. Better to investigate data-centric security that protects the data itself instead of the borders around it. Methods such as tokenization replace sensitive data elements with representational tokens, rendering any stolen data useless. Learning from the T-Mobile incident and determining how data-centric security could augment your security posture would definitely be a good call.”

Jack Chapman

Jack Chapman is VP of Threat Intelligence at Egress

“This could be one of the most serious leaks of consumers’ sensitive information we’ve seen so far this year, potentially affecting 100 million people. Cyber-criminals are using T-Mobile’s data to line their pockets, and unfortunately, it’s T-Mobile’s customers who will pay the price.

The data leaked in this breach is reported as being already accessible to cyber-criminals, who could now weaponize it to formulate sophisticated phishing attacks targeting the victims. In light of this, I would urge any customers who have been affected by this breach to be wary of any unexpected communications they might now receive, whether that’s over email, text messages, or phone calls. Follow-up attacks may utilize the information accessed through this data breach to trick people into sharing more personal data that can be used for identity and financial fraud.

This highlights the need for organizations such as T-Mobile to put in place the right technology to secure their sensitive data and defend their employees and their company from targeted attacks by cyber-criminals. It’s time for organizations to take responsibility and ensure they’re keeping their customers’ data out of the hands of cyber-criminals.”

Thank you to the experts for their time and expertise on the alleged T-Mobile data breach. For more, check out the SIEM Buyer’s Guide

Ben Canner