T-Mobile, has announced that they have been targeted in a 2nd Cyber Attack in 2023 with attackers having access to personal information of hundreds of customers for more than a month.
This news comes just 3 months after their previous announcement that they had been breached in late 2022.
On Friday the 28th April, the mobile communications provider announced in a breach notification letter that “In March 2023, the measures we have in place to alert us to unauthorized activity worked as designed and we were able to determine that a bad actor gained access to limited information from a small number of T-Mobile accounts between late February and March 2023”.
In the letter, T-Mobile state that no financial data had been compromised, and that the stoned data differed from customer to customer, but it is likely that customer data including full name, phone numbers, PIN, contact information, Social Security Number, D.O.B. and account balance will have been compromised.
Not as bad as last time
In this latest data breach, approx 250 customers have been affected, which is a lot fewer than the November 2022 breach where over 37 Million user accounts were compromised via a vulnerable Application Programming Interface (API).
In their investigations, T-Mobile said that the attackers in that breach had been siphoning data between November 2022 and January 2023
But its a worrying trend
Whilst this latest breach is not as widespread as the last one, it has become quite a common thing for T-Mobile to be successfully breached.
- In 2018 approx 3% (2.3M) of T-Mobile customers had data exposed in an attack.
- In 2019, a breach exposed the account data of an undisclosed number of customers
- In 2020, a breach exposed the personal data and financial data of T-Mobile’s own staff
- A second breach in 2020 saw customer proprietary network information stolen
- In 2021 an internal T-Mobile application was accessed by threat actors without having to authenticate to the application
- A second attack in 2021 attackers managed to pivot to the internal network at T-Mobile after compromising a test environment
- In 2022, the Lapsus$ gang used stolen credentials to infiltrate the mobile operators network and steal proprietary source code.
Currently T-Mobile have 8 openings for Cyber Security experts – although I’m not sure I’d want to take them up on an offer at this moment in time – I suspect it would be quite stressful working for them right now.
