T-Mobile Has Been Pwned Again

If you’re a T-Mobile customer you have to be wondering if the company can keep customer data safe. I say that because the news is out that they’ve been pwned. Again:

Affected customers fall into one of three categories. First, a customer may have only been affected by a leak of their CPNI. This information may include the billing account name, phone numbers, number of lines on the account, account numbers, and rate plan info. That’s not great, but it’s much less of an impact than the breach back in August had, which leaked customer social security numbers.

The second category an affected customer might fall into is having their SIM swapped. This is where a malicious actor will change the physical SIM card associated with a phone number in order to obtain control of said number. This can, and often does, lead to the victim’s other online accounts being accessed via two-factor authentication codes sent to their phone number. The document says that customers affected by a SIM swap have now had that action reversed.

The final category is simply both of the other two. Affected customers could have had both their private CPNI viewed as well as their SIM card swapped.

This comes after T-Mobile had a massive data breach in the summer. And keep in mind that this company has been pwned in the past too. Clearly this company does not have the best track record of protecting data. Which if you’re a T-Mobile customer, should make you reconsider if you should be dealing with them.

Leave a Reply

%d bloggers like this: