Security News

T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming...

Argishti Khudaverdyan, the former owner of a T-Mobile retail store, was sentenced to 10 years in prison for a $25 million scheme where he unlocked and unblocked cellphones by hacking into T-Mobile's internal systems. "Removing the unlock allowed the phones to be sold on the black market and enabled T-Mobile customers to stop using T-Mobile's services and thereby deprive T-Mobile of revenue generated from customers' service contracts and equipment installment plans."

Experian and T-Mobile have reached separate settlements with 40 US states following a pair of data breaches in 2012 and 2015. Experian will be bearing the largest brunt of the fine, with $14 million coming from the credit reporting company.

A now-former T-Mobile US store stole at least 50 employees' work credentials to run a phone unlocking and unblocking service that prosecutors said netted $25 million. Argishti Khudaverdyan, 44, of Burbank, California, was found guilty of 14 criminal charges [PDF] by a US federal jury on Friday.

A former owner of a T-Mobile retail store in California has been found guilty of a $25 million scheme where he illegally accessed T-Mobile's internal systems to unlock and unblock cell phones. "From August 2014 to June 2019, Khudaverdyan fraudulently unlocked and unblocked cellphones on T-Mobile's network, as well as the networks of Sprint, AT&T and other carriers," details the announcement of the U.S. Department of Justice.

T-Mobile US has agreed to pay about $550 million to end legal action against it and improve its security after crooks infiltrated the self-described Un-carrier last summer and harvested personal data belonging to almost 77 million customers. The cellular network operator agreed to pay $350 million plus legal fees to settle a class-action lawsuit brought by customers whose data was compromised in an August 2021 privacy breach, according to documents filed with the US Securities and Exchange Commission on Friday.

Just under a year ago, the US arm of telecomms giant T-Mobile admitted to a data breach after personal information about its customers was offered for sale on an underground forum. At the time, VICE Magazine claimed to have communicated with the hacker behind the breach via online chat, and to have been offered "T-Mobile USA. Full customer info."

T-Mobile hit by data breaches from Lapsus$ extortion group. T-Mobile was the victim of a series of data breaches carried out by the Lapsus$ cybercrime group in March.

The company added that it has mitigated the breach by terminating the hacker's group access to its network and disabled the stolen credentials that were used in the breach. Using these credentials Lapsus$ members can get access to the company's internal tools like - Atlas an internal T-Mobile tool for managing customer accounts.

Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. "T-Mobile, in a statement, said that the incident occurred"several weeks ago, with the "Bad actor" using stolen credentials to access internal systems.