Security News > 2021 > August > T-Mobile: Breach Exposed SSN/DOB of 40M+ People

T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver's license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company.

On Monday evening, T-Mobile said a "Highly sophisticated" attack against its network led to the breach of data on millions of customers.

T-Mobile hasn't yet responded to requests for clarification regarding how many of the 7.8 million current customers may also have been affected by the credit application breach.

The hackers claimed one of those databases held the name, date of birth, SSN, drivers license information, plaintext security PIN, address and phone number of 36 million T-Mobile customers in the United States - all going back to the mid-1990s.

T-Mobile said it would pay for two years of identity theft protection services for any affected customers, and that it was offering "An extra step to protect your mobile account with our Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen." Why it wouldn't make that extra protection standard for all accounts all the time is not entirely clear.

T-Mobile customers should expect to see phishers taking advantage of public concern over the breach to impersonate the company - and possibly even messages that include the recipient's compromised account details to make the communications look more legitimate.

News URL

https://krebsonsecurity.com/2021/08/t-mobile-breach-exposed-ssn-dob-of-40m-people/