Did T Mobile get hacked?
T-Mobile said it learned late last week that an individual in an online forum claimed to have breached its systems and was attempting to sell stolen customer data. The company confirmed on Aug. 16 that it was hacked, later adding that attackers made off with personal data from 54 million people. The Wall Street JournalT-Mobile Data Hack: What We Know and What You Need to Do
Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by Refinitiv Lipper.
Check Point Software Technologies CEO Gil Shwed discusses rise in cyber attacks amid work from home.
T-Mobile has been hit with a pair of class-action lawsuits in Washington federal court as the number of current and former customers impacted by a cyberattack against the telecommunications giant grows.
One of the lawsuits, Espanoza v. T-Mobile USA, accuses T-Mobile of putting plaintiffs and class-action members at "considerable risk" due to the company's failure to adequately protect its customers as a result of negligent conduct.
"Armed with the Private Information accessed in the Data Breach, data thieves can commit a variety of crimes, including but not limited to fraudulently applying for unemployment benefits, opening new financial accounts in Class Members’ names, taking out loans in Class Members’ names, using Class Members’ information to obtain government benefits (including unemployment or COVID relief benefits), filing fraudulent tax returns using Class Members’ information, obtaining driver’s licenses in Class Members’ names but with another person’s photograph and providing false information to police during an arrest," the complaint states.
The other lawsuit, Durwalla v. T-Mobile USA, alleges victims have already already spent as much as 1,000 hours addressing privacy concerns stemming from the attack, including reviewing financial and credit statements for evidence of unauthorized activity.
"T-Mobile knew its systems were vulnerable to attack. Yet it failed to implement and maintain reasonable security procedures and practices appropriate to the nature of the information to protect its customers’ personal information, yet again putting millions of customers at great risk of scams and identity theft," the filing adds. "Its customers expected and deserved better from the second largest wireless provider in the country."
Together, the suits seek a range of actions for violations of the Washington Consumer Protection Act and the California Consumer Privacy Act, including compensatory damages and reimbursement of out-of-pocket costs for the efforts to repair any damage from the fraud.
Plaintiffs and class action members are also asking for injunctive relief, such as improvements to T-Mobile's data security systems, future annual audits, adequate credit monitoring services funded by the company, and an order to prohibit T-Mobile from keeping personal data on a cloud-based database.
T-Mobile previously reported that the breach compromised approximately 7.8 million current postpaid customer accounts and 40 million former or prospective T-Mobile customers, stealing data including first and last names, date of birth, Social Security numbers, and driver’s license/ID information.
T-Mobile said in an update Friday that another 5.3 million current postpaid customer accounts and 667,000 accounts of former T- Mobile customers have also been identified as targets, with customer names, addresses, date of births, phone numbers, IMEIs and IMSIs, the typical identifier numbers associated with a mobile phone, illegally accessed.
T-Mobile continues to work "around the clock" on its investigation into the cyberattack.
"Our investigation is ongoing and will continue for some time, but at this point, we are confident that we have closed off the access and egress points the bad actor used in the attack," the company noted.
In order to help its customers, the company is offering two years of free identity protection services with McAfee’s ID Theft Protection Service to any person who believes they may be affected and is recommending all eligible customers sign up for Scam Shield's free scam-block protection. In addition, approximately 850,000 active T-Mobile prepaid customer accounts that were exposed have had their PINs reset.
T-Mobile emphasized that there is no indication that any customers' financial information, credit card information, debit or other payment information has been accessed.
Read full article at CNBC
24 August, 2021 - 09:20am
Aug 21, 2021; Green Bay, Wisconsin, USA; Green Bay Packers quarterback Kurt Benkert (7) looks to pass in the second quarter during the game against the New York Jets at Lambeau Field. Mandatory Credit: Benny Sieu-USA TODAY Sports
– With Juwann Winfree, Equanimeous St. Brown, and Devin Funchess all sidelined, today was a big opportunity for Malik Taylor, who was coming off a strong performance a week ago, and he capitalized once again. Taylor caught four of five passes and averaged nearly 17 yards per catch. Couple that with his special teams contributions, and it’s going to be really difficult to keep him off the roster.
— Green Bay Packers (@packers) August 21, 2021
– This has to put Equanimeous St. Brown in a tough place. He’s been injured much of camp, hasn’t been able to make much of an impact in a preseason game or in practice, and players like Taylor and Funchess are producing.
– Speaking of Devin Funchess, what does this mean for him? He had a nice showing last week and some solid practices, but as a sixth receiver who hasn’t contributed much on special teams over his career, could that cost him a roster spot? Deciding who the final receiver is will be a difficult decision for Matt LaFleur.
– Royce Newman got the start at right guard today, and he impressed. He may be the front-runner for one of the starting guard openings.
– As a whole, the offensive line performed much better than what they did against Houston, averaging over five yards per carry for much of the game and gave Kurt Benkert plenty of time in the pocket.
– Before these preseason games began, I felt quite confident that Lucas Patrick was going to start come Week 1, or at a minimum, be backup. However, I’m not as certain at this point. He had a rough showing last week and was called for two penalties at center this week. While I still think he will be on the final roster, this is certainly something to keep our eyes on moving forward.
– The starting offensive line was Yosh Nijman at left tackle, Jon Runyan at left guard, Josh Myers at center, Newman at right guard, and Ben Braden at right tackle.
– PFF may have liked what Nijman did last week, but it really looked like he struggled. However, this week, he was much better. He is someone who could be kept on the 53-man roster for depth at tackle.
– What else can we say about Kylin Hill? From the very first practice I was at, it was easy to see the wiggle that he has with the ball in his hands, and today, we saw the explosiveness he has to hit the edge on that touchdown run of his. I also want to give credit to Braden on that run, who sealed the edge well.
– Patrick Taylor, who averaged almost six yards per carry today, also had a fumble. At this point, Hill is a lock for RB3, but Taylor could still push for the RB4 role if the Packers choose to keep that many. However, that fumble doesn’t help.
– We’ve seen Hill and Taylor returning kicks, and today we saw Dexter Williams doing the same. It’s important for him to show that he can contribute on special teams.
– Oren Burks was only in the game for about half of the first quarter, which to me says a lot–he’s going to be on the final roster.
– It was nice seeing Kamal Martin back on the field. He still has things to clean up, but he flies around that football field.
– What a showing by Kurt Benkert. He was confident in the pocket, flashed his arm strength, and delivered several beautiful passes. Do the Packers keep three QBs on the roster?
— NFL (@NFL) August 21, 2021
– WIth how well the safety group has been playing, it was a big day for Will Redmond; however, we didn’t see much of him. Redmond could be on the outside looking in at the safety position with Vernon Scott, Henry Black, and Innis Gaines all playing well.
– And once again, Black and Gaines both made some nice defensive plays.
– It was also another good day for IDL Jack Heflin.
– Last week, TE coach Justin Outten discussed how important consistency was for Jace Sternberger; other than the touchdown grab, it seemed to be a quiet game for him. I’ll have to rewatch the game and focus more closely on him to know if he was doing the little stuff that comes with being a tight end.
— Green Bay Packers (@packers) August 21, 2021
– Two other players I’ll want to rewatch are Willington Previlon and Chauncey Rivers. They’ve both been very good in camp and could push for a roster spot with some strong showings.
– It’s a new defense, and many backup and third-string players were in the game, but we saw quite a few miscommunications from the defensive unit.
– I’ve seen it in the few practices that I’ve been at, and we again saw it against the Jets, and that is that Krys Barnes looks quicker this season.
– Another week, another blunder from the special teams unit.
– Keep your eyes on TJ Slaton during these games. We aren’t always going to see his contributions to this defense show up on the stat sheet with his role, but his teammates will know he’s out there. I loved this selection.
— Green Bay Packers (@packers) August 21, 2021
– We also saw a lot of Amari Rodgers tonight and his playmaking ability with the ball in his hands.
– As he has been for much of his career, JK Scott was up and down again.
Build your custom FanSided Daily email newsletter with news and analysis on All Wisconsin Sports and all your favorite sports teams, TV shows, and more.
Your favorite teams, topics, and players all on your favorite mobile devices.
Powered by Minute Media © 2021 All Rights Reserved.
24 August, 2021 - 09:20am
24 August, 2021 - 09:20am
Telecommunications giant T-Mobile has warned that information including names, dates of birth, US Social Security numbers (SSNs), and driver’s license/ID of some 50 million individuals comprising current, former, or prospective customers has been exposed via a data breach. While many details of the incident (including its root cause) remain unclear as of August 19, immediate fallout suggests this incident might be one of the most significant of recent times, not least due to the number of records exposed and potential regulatory implications that may come into play.
With the dust still very much settling, here is a timeline of the data breach according to T-Mobile’s public disclosure and other sources. CSO will update this timeline as events unfold.
[ Related: How attackers could exploit breached T-Mobile user data | Get the latest from CSO by signing up for our newsletters. ]
News broke on Vice.com of hackers claiming to have accessed data relating to over 100 million people, which they were offering sale. While the underground forum post did not mention T-Mobile specifically, a message to Motherboard confirmed that the information came from T-Mobile servers and included SSNs, phone numbers, names, physical addresses, IMEI numbers, and driver's license information. Motherboard confirmed this to be accurate.
The seller was asking for 6 bitcoin (around $270,000) for a subset of the data containing 30 million SSNs and driver's licenses and said that they were looking to sell the remaining information privately. In a statement to Motherboard, T-Mobile said: “We are aware of claims made in an underground forum and have been actively investigating their validity. We do not have any additional information to share at this time.”
With news of the incident making headlines around the globe, T-Mobile issued a statement confirming that unauthorized access to some T-Mobile data had occurred, though investigations were yet to determine if any personal customer information was involved. “We have been working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed. We take the protection of our customers very seriously and we are conducting an extensive analysis alongside digital forensic experts to understand the validity of these claims, and we are coordinating with law enforcement.”
The company said it was confident that the entry point used to gain access had been closed, and that it was continuing its deep technical review of the situation across systems to identify the nature of any data that was illegally accessed. “This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment, we cannot confirm the reported number of records affected or the validity of statements made by others,” the statement read.
T-Mobile issued an update on its ongoing investigation into the breach, including estimations of individuals affected and remediation steps it was taking. “Late last week we were informed of claims made in an online forum that a bad actor had compromised T-Mobile systems. We immediately began an exhaustive investigation into these claims and brought in world-leading cybersecurity experts to help with our assessment.”
T-Mobile said it located and immediately closed the access point it believed was used to illegally gain entry to its servers, and while its investigation was still underway, it confirmed that the data stolen included some personal information. “We have no indication that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information,” it said. “Some of the data accessed did include customers’ first and last names, date of birth, SSN, and driver’s license/ID information for a subset of current and former postpaid customers and prospective T-Mobile customers.” The company also confirmed that approximately 850,000 active T-Mobile prepaid customer names, phone numbers, and account PINs were exposed.
T-Mobile said it would be issuing communications to advise customers on next steps and recommended action to avoid falling victim to follow-on attacks. This included the offer of two years of free identity protection services and advice that all T-Mobile postpaid customers should change their PIN. “This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised,” it added. T-Mobile also offered an extra step to protect mobile accounts with its Account Takeover Protection capabilities for postpaid customers and said it would be publishing a unique webpage for information and solutions to help customers take steps to further protect themselves.
Security researcher Brian Krebs advised T-Mobile customers to change their PIN as instructed by T-Mobile, but also advocated removing phone numbers from as many online accounts as possible. “Many online services require you to provide a phone number upon registering an account, but in many cases that number can be removed from your profile afterwards.” Many online services allow users to reset their passwords just by clicking a link sent via SMS, and this widespread practice has turned mobile phone numbers into de facto identity documents, he added. This creates the possibility of losing control over phone numbers “thanks to an unauthorized SIM swap or mobile number port-out, divorce, job termination or financial crisis can be devastating.”
Krebs also warned customers to be on the lookout for related phishing attacks, adding that it is a safe bet that scammers will use some of the exposed information to target T-Mobile users with phishing messages, account takeovers, and harassment. “T-Mobile customers should expect to see phishers taking advantage of public concern over the breach to impersonate the company — and possibly even messages that include the recipient’s compromised account details to make the communications look more legitimate.”
With T-Mobile’s data breach investigation ongoing, the company issued an updated statement detailing another 5.3 million current postpaid customer accounts that had one or more associated customer names, addresses, date of births, phone numbers, International Mobile Equipment Identity (IMEI) and International Mobile Subscriber Identifier (IMSI) numbers illegally accessed. “We also previously reported that data files with information from about 40 million former or prospective T-Mobile customers, including first and last names, date of birth, SSN, and driver’s license/ID information, were compromised. We have since identified an additional 667,000 accounts of former T- Mobile customers that were accessed with customer names, phone numbers, addresses and dates of birth compromised. These additional accounts did not have any SSNs or driver’s license/ID information compromised.” T-Mobile reiterated its confidence that it has closed off the access and egress points the bad actor used in the attack.
Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security.
Copyright © 2021 IDG Communications, Inc.
Copyright © 2021 IDG Communications, Inc.
24 August, 2021 - 09:20am
Computer security news, advice, and opinion
T-Mobile has confirmed media reports from earlier this week that it had suffered a serious data breach. And it’s not just existing T-Mobile users who should be alarmed, but former and prosepective customers as well.
In an advisory published on its website, the telecoms giant warned that cybercriminals had accessed customers’ names, driver’s license details, government identification numbers, Social Security numbers, dates of birth, T-Mobile prepaid PINs, addresses and phone numbers.
The confirmation from T-Mobile came days after a hacker offered for sale on an underground forum data related to what they claimed were 100 million T-Mobile users.
In its latest update for concerned customers, T-Mobile published its latest confirmed figures for the number of affected customers:
It doesn’t paint a good picture, and as T-Mobile investigates further it’s possible the number of affected customers may increase.
But what perhaps is the worse statistic of all is that this is, by my account, the *fifth* data breach suffered by T-Mobile in the last three years.
January 2021 – Hackers managed to access customer account information which may, in T-Mobile’s words, “have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service.”
March 2020 – T-Mobile reveals that hackers broke into employees’ email accounts and stole customer account information.
November 2019 – T-Mobile confirmed that more than one million prepaid customers were impacted by a breach which saw hackers access their names, phone numbers, billing addresses, T-Mobile account numbers, and details about rates and plans.
August 2018 – Hackers stole details of two million T-Mobile customers.
In its latest advisory, T-Mobile reminds the world that “customers trust us with their private information and we safeguard it with the utmost concern.”
I wonder how many customers really do trust T-Mobile, after five data breaches in such a short period of time?
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Winner: Best Security Podcast 2018, 2019
The Great Londini has gathered a two million strong army to out TikTok trolls, there's a bad supply chain vulnerability in many IoT devices, and how did Wikipedia pages end up covered in Nazi swastikas?
Copyright © 2001-2021 Cluley Associates Limited. All Rights Reserved.
23 August, 2021 - 08:27am
Hackers recently breached the security of communications company T-Mobile. The hack has affected over 40 million people, exposing their Social Security Numbers (SSN) and, in some cases, their account PINs. So if you’re a T-Mobile customer, how can you be sure your data is safe? This article will tell you what has happened and how you should respond to the T-Mobile Data Breach.
T-Mobile discovered the breach when hackers started to sell T-Mobile customers’ user data on a dark web forum. The hackers claimed to have over 100 million users’ private data when they spoke to Vice on Sunday, 15th August. In response, T-Mobile began an investigation and closed the vulnerability on Monday, confirming the hack but not revealing the scope of the damage. By Wednesday, 18th August, T-Mobile confirmed that a breach of over 40 million users’ data had taken place.
According to several sources, including the hackers themselves, the breach includes SSNs as well as driver’s licenses. In some cases, the data may also include account PINs as well. This breach has affected current, past, and potential customers of T-Mobile.
The data hackers have stolen in this breach could cause serious harm in the real world. SSNs are a key component in identity theft, and when accompanied by a driver’s license, could be used to apply for everything from loans to credit cards. If you’re a current or former customer of T-Mobile, there is a chance hackers have your information.
Current customers of T-Mobile are also in danger. Hackers also accessed the account PINs of 7.8 Million current customers. These pins are used to enter an account, which leads to the ability to change and access personal details. Hackers who have these PINs could potentially gain access to your mobile number for spoofing and other scams.
If you’re a victim of the T-Mobile Data Breach, the first thing you should do is changing your account PIN. You should do this even if you’re not a current customer. Although it’s not believed that hackers compromised older PINs, it is better to take precautions. Log into your T-Mobile account, and follow the instruction on their support page to change your PIN.
Another step you can take is to visit T-Mobile’s page set up for victims of the breach. The company is offering two years of free McAfee identity protection to help mitigate some of the damage done by the breach. If you were affected, follow the links on the page to claim your free two-year protection plan.
If a hacker has already used your SSN to steal your identity, several options are open to you. The United States government will sometimes replace an SSN if you can prove the ID theft badly damages you. You can find more information at the SSA website.
The T-Mobile data breach should be a warning sign that data breaches are serious and dangerous. However, there are some steps you can take to further protect yourself against breaches in the future.
Most companies offer a service to completely remove all data about a customer once you leave their service. Once you’re done using a service, such as T-Mobile, you should request that all your data be removed from their servers. This prevents your data from being forgotten about and eventually becoming caught up in a data breach.
In some cases, giving out your data is unavoidable. For example, companies use important information, such as your SSN, to perform credit checks and other vital services. However, if providing a company with information is optional, you should always opt out of giving the information if you can.
If you’re worried about your online safety, there are several options you can take to protect yourself. For example, high-value targets can hire one of our personal digital security managers to protect them from hacking around the clock. You could also invest in identity theft protection, such as those services offered by McAfee.
We have been recommended to clients by employees at FBI and local law enforcement in the United States. For references, please send us an email.
T-Mobile customers file class action lawsuits as investigation finds 53 million affected by data breach
21 August, 2021 - 12:00am
T-Mobile announced Friday it had discovered that another 5.3 million current customers and 667,000 former customers also had their information stolen.
The wireless carrier is now up against two class action lawsuits filed by upset customers, Bloomberg reported on Friday. Both lawsuits accuse T-Mobile of violating the California Consumer Privacy Act which allows any Californian the right to see all the information a company has saved on them, as well as a full list of all the third parties that data is shared with. One of the lawsuits also accuses T-Mobile of violating the Washington State Consumer Protection Act for having poor data security.
According to the lawsuit Espanoza v. T-Mobile USA Inc., the plaintiffs and the class action members contend their identities are at risk because of neglect on the part of T-Mobile. The plaintiffs are also concerned with the monetary costs and the "time spent mitigating the effects of the Data Breach, including time spent dealing with actual or attempted fraud and identity theft."
The information stolen from the customers includes names, addresses, dates of births, phone numbers, social security numbers, and driver's license information. T-Mobile says that the information stolen from the additional customers did not include social security numbers and driver's license information.
T-Mobile does not believe that customers had their financial information, credit card information, debit, or other payment information stolen in the attack.
T-Mobile reset the PINs associated with these accounts and is also offering additional protection services like McAfee's ID Theft Protection Service and Account Takeover Protection capabilities for all customers.
"We are continuing to take action to protect everyone at risk from this cyberattack, including those additional persons we recently identified," the company said in a statement. "We have sent communications to millions of customers and other affected individuals and are providing support in various ways."
T-Mobile originally became aware of the data breach after hackers posted in an underground forum, Vice's Motherboard first reported.
The seller of the information is asking for six bitcoins, worth about $297,279 as of publishing, for 30 million social security numbers and driver's licenses, according to Motherboard. The seller is privately offering the rest of the breached information.