T-Mobile encounters new data breach


Update (12/29/21 2:29 pm): T-Mobile has confirmed the attack to BleepingComputer and shared that they already sent out a message to affected customers:

“We informed a very small number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed. Unauthorized SIM swaps are unfortunately a common industry-wide occurrence, however this issue was quickly corrected by our team, using our in-place safeguards, and we proactively took additional protective measures on their behalf.”


Original article below:

Just before Christmas, T-Mobile was once again hit by another data breach. Only this time, it is a much smaller scale compared to the attack it faced back in August.

The report comes from The T-Mo Report, who shared internal documents detailing the new incident. According to these documents, some customer accounts encountered “unauthorized activity,” which involves “viewing of customer proprietary network information (CPNI), an active SIM swap by a malicious actor, or both.”

The internal document gives a look into how T-Mobile categorizes customers who are affected by this breach: 

“Affected customers fall into one of three categories. First, a customer may have only been affected by a leak of their CPNI. This information may include the billing account name, phone numbers, number of lines on the account, account numbers, and rate plan info. That’s not great, but it’s much less of an impact than the breach back in August had, which leaked customer social security numbers.

The second category an affected customer might fall into is having their SIM swapped. This is where a malicious actor will change the physical SIM card associated with a phone number in order to obtain control of said number. This can, and often does, lead to the victim’s other online accounts being accessed via two-factor authentication codes sent to their phone number. The document says that customers affected by a SIM swap have now had that action reversed.”

Customers who had both their CPNI viewed and had a SIM card swap are put into the third category.

As of this writing, T-Mobile has not released a statement about this potential data breach. There is also no word yet on how massive this data breach is. But compared with the August breach, this seems to be smaller in scale since the latter involved accessing customers’ social security numbers and driver’s license information. 

We’re still waiting for an update from T-Mobile. The report says that T-Mobile has sent out a letter to affected customers to inform them of the unauthorized activity that recently occurred on their accounts. 


Source: The T-Mo Report

Tags: ,

  • FatTony

    Here we go again. I remain skeptical about the impact of the breach given their initial report from the August breach. I guess I shouldn’t have assumed the cybersecurity consultants they hired after the August breach would fix most of their poor security issues.

  • steadymobb

    T-Mobile has really gone down hill

    • MissedCall

      The New Sprint.

  • Bklynman

    I might leave check out Big Red,or AT&T if this keeps up. How come you never hear them about getting hack?

    • Dsgb Solo

      I’m a former T-Mobile/Sprint customer but still a fan of the underdog carrier. I’ve been with AT&T for a year now and have to admit that T-Mobile and AT&T plans are on par with each other when it comes to pricing from my experience with Verizon being the most expensive. So far with AT&T I haven’t had to worry about data breaches. Nor have I had to worry about lack of coverage or slow or no data 99% of the time. I really hope T-Mobile gets their act together if they want to be taken serious as a national carrier amongst their peers. I’m still rooting for you T-Mobile!

  • Joe

    This is unheard of to get hacked so often. It seems like part of being a tmobile customer is the pleasure of getting hacked every 6 months. Customers might have to consider Verizon or AT&T if they don’t won’t there Identity stolen over $20/month. Guess that’s the cost of security.

  • Trevor Ketch

    FFS… can’t they keep their pants zipped-up?!

  • kiladubz

    except this doesn’t look like a hack at all, seems more like social engineering / bad actors

  • Fan_Atl77

    Inside job, inside Out, Inside Out, seriously, Hopefully, Tmobile Executive will take Seriously our Data, and sensitive information…

  • DrewskiStyles790

    You already know my Bro!! I also feel that AT&T/ their prepaid carrier “Cricket Wireless” have upped their game up with reasonable promo/having the ability to shop online without all of the hassle/fully Taxes & Fees Included deal on all of their monthly plans & of course the new CEO for AT&T is right on par with the CEO for T-Mobile-MetroByT-Mobile!! So there you have it!!

  • T-Mobile has not released a statement about this potential data breach