Security News > 2023 > January > Crims steal data on 40 million T-Mobile US customers
T-Mobile US today said someone abused an API to download the personal information of 37 million subscribers.
A regulatory filing [PDF] disclosed one or more miscreants were able to access potentially the "Name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features" of each affected customer.
2019 - Over a million customer records accessed, some personal data exposed.
2021 - 48 million postpaid customers' records posted to the dark web.
July 2022 - T-Mobile USA announces $550 million settlement of the 2021 breach.
November 2022 - Contributes to $16m settlement of 2012 and 2015 breaches at Experian that entangled T-Mobile customers.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/01/20/t_mobile_us_data_breach/
Related news
- T-Mobile US fined $31.5M for network security breaches between 2021 and 2023 (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- T-Mobile pays $31.5 million FCC settlement over 4 data breaches (source)
- T-Mobile confirms it was hacked in recent wave of telecom breaches (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)