Illustration by Alex Castro / The Verge

T-Mobile has suffered another cyberattack after being rocked by a massive data breach in August. This time around, attackers accessed โ€œa small number ofโ€ customersโ€™ accounts, according to documents posted by The T-Mo Report.

According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-powered two-factor authentication), had personal plan information exposed, or both. The document shows that the customer proprietary network information that was viewed couldโ€™ve included customersโ€™ billing account name, phone and account number, and info about their plan, including how many lines were attached to their account.

The person who took credit for the summer hack called T-Mobileโ€™s security โ€œawfulโ€

This summer, the carrier confirmed that a data breach exposed almost 50 million customersโ€™ data, with the attacker accessing social security numbers, names, and dates of birth. (A person who claimed to be the hacker went on to call the companyโ€™s security practices โ€œawful.โ€) The information reportedly exposed in Decemberโ€™s breach is less sensitive (and the documents say the customers who had their SIMs swapped have regained access), and is likely not as large in scope. We werenโ€™t able to find widespread reports from customers that said theyโ€™d received notification letters.

T-Mobile is taking immediate steps to help protect all individuals who may be at risk from this cyberattack. If you have any questions, send us a DM and we can discuss steps to increase your account security. ^KenStone

โ€” T-Mobile Help (@TMobileHelp) December 28, 2021

T-Mobileโ€™s support account has seemingly confirmed that there was a breach, responding to people on Twitter to say that itโ€™s taking โ€œimmediate actionโ€ to help individuals who were put at risk by the attack. The company didnโ€™t immediately reply to The Vergeโ€™s request for comment.

By

Leave a Reply

You missed

X