Lets not also forget to go after and punish the hackers
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
T-Mobile Says an Additional 5.3 Million Customer Accounts Were Compromised in Data Breach
- Thread starter MacRumors
- Start date
- Sort by reaction score
This is the fifth breach since then, isn't it? You'd think that their staff would do something better or be replaced by someone who could fix the situation.
I'm just glad that they didn't have hold of the (former) Sprint data.
Has anyone read/heard anything about how far back the accessed customer data goes? Wondering if it affects someone who was a customer ~20 years ago.
Is there a way to tell if my info has been compromised? I was a customer 10-12 years ago prior.
I don't believe class action lawsuits do much to change corporate behavior. They certainly don't seem to directly help consumers much. I've been a class member of many such suits over the years and have yet to receive more than token compensation. I think they mostly benefit the attorneys that bring them.
It's basically a slap on the wrist for the company and provides salaries for an army of lawyers.
Fifth or sixth. I know it's at least the fifth. I guess T-Mobile IT security goes with the saying of "Fool me six times, shame on you. Fool me seven or more times, shame on me."
I received message from T-Mobile. my information is leaked. what should i do now ?
T-Mobile earlier this week shared details on a data breach where hackers gained access to the personal information of close to 50 million current, former, and prospective customers.
At the time, T-Mobile said that data from 7.8 million current customers had been compromised, as well as information from 40 million former or potential customers. In an updated statement provided today, T-Mobile says that it has confirmed that data from another 5.3 million postpaid customers was accessed.
Information accessed from these customers included names, addresses, birth dates, phone numbers, IMEIs, and IMSIs. The prior 7.8 million customers also saw their SSN and driver's license information stolen.
T-Mobile says that on top of the previously announced 40 million former or prospective customers that were impacted, another 667,000 accounts of former customers were breached. Hackers were able to obtain names, phone numbers, addresses, and birth dates from these customers. Other former and prospective customers had their SSN and driver's license information leaked.
Hackers were also able to access data files that included phone numbers, IMEI numbers, and IMSI numbers, but that data included no personally identifiable information. T-Mobile says that it does not believe that the data in the stolen files included customer financial information, credit card information, debit, or other payment information.
There were 850,000 T-Mobile postpaid customers impacted with phone numbers and PINs exposed, and T-Mobile has reset the PINs on all of these accounts. T-Mobile now says that up to 52,000 names related to current Metro by T-Mobile accounts may also have been included, but none of the T-Mobile files stolen related to former Sprint prepaid or Boost customers.
The attack was first identified when hackers posted on a forum offering to sell data from 100 million T-Mobile customers. The data for sale included social security numbers, phone numbers, names, physical addresses, IMEI numbers, and driver's license data.
T-Mobile says that it has contacted millions of customers and is offering those impacted two years of identity protection services with McAfee's ID Theft Protection Service. The company also recommends that eligible T-Mobile customers sign up for free scam-blocking protection.
To prevent future attacks, T-Mobile says it has "worked diligently to enhance security across our platforms" and is working with experts to understand both immediate and longer-term next steps.
Article Link: T-Mobile Says an Additional 5.3 Million Customer Accounts Were Compromised in Data Breach
is WTF i keep getting scam call after scam call on T Mobile? about to switch back to Verizon.
sound advice, as I too follow this protocol. Checking gets just what is needed with a little padding.
I like to see a heavy lawsuit from this so they will learn.
T-Mobile earlier this week shared details on a data breach where hackers gained access to the personal information of close to 50 million current, former, and prospective customers.
At the time, T-Mobile said that data from 7.8 million current customers had been compromised, as well as information from 40 million former or potential customers. In an updated statement provided today, T-Mobile says that it has confirmed that data from another 5.3 million postpaid customers was accessed.
Information accessed from these customers included names, addresses, birth dates, phone numbers, IMEIs, and IMSIs. The prior 7.8 million customers also saw their SSN and driver's license information stolen.
T-Mobile says that on top of the previously announced 40 million former or prospective customers that were impacted, another 667,000 accounts of former customers were breached. Hackers were able to obtain names, phone numbers, addresses, and birth dates from these customers. Other former and prospective customers had their SSN and driver's license information leaked.
Hackers were also able to access data files that included phone numbers, IMEI numbers, and IMSI numbers, but that data included no personally identifiable information. T-Mobile says that it does not believe that the data in the stolen files included customer financial information, credit card information, debit, or other payment information.
There were 850,000 T-Mobile postpaid customers impacted with phone numbers and PINs exposed, and T-Mobile has reset the PINs on all of these accounts. T-Mobile now says that up to 52,000 names related to current Metro by T-Mobile accounts may also have been included, but none of the T-Mobile files stolen related to former Sprint prepaid or Boost customers.
The attack was first identified when hackers posted on a forum offering to sell data from 100 million T-Mobile customers. The data for sale included social security numbers, phone numbers, names, physical addresses, IMEI numbers, and driver's license data.
T-Mobile says that it has contacted millions of customers and is offering those impacted two years of identity protection services with McAfee's ID Theft Protection Service. The company also recommends that eligible T-Mobile customers sign up for free scam-blocking protection.
To prevent future attacks, T-Mobile says it has "worked diligently to enhance security across our platforms" and is working with experts to understand both immediate and longer-term next steps.
Article Link: T-Mobile Says an Additional 5.3 Million Customer Accounts Were Compromised in Data Breach
I have been getting robocalls NONSTOP since this leak. I'm pretty sure they got my info
We have some of the best engineers and security researchers in the world, yet we can’t stop this stuff. What’s it going to take? God forbid the billions and trillions sitting in the banks ever be used to protect our infrastructure. If people cannot trust the companies they entrust their personal information with, the business suffers and loses money anyway. Why not spend a little to protect their customers and EARN business? The fact that this isn’t a national priority boggles my mind.
Lawsuits do nothing but let them know what they can get away with. Any “damages” can and will be written off. They’ll get a bad reputation for a little bit, but since the country has the attention span of a newt, it’ll be swept under the rug until next time. Between now and then, they’ll accumulate even more people who are oblivious to the news. Even if there were class action lawsuits filed, the lawyers take so much of the winnings that you’ll end up with less money than it costs to print the check.
I am a T-Mobile customer, I have not been contacted. I am a very unhappy customer based on this.
This statement is so much corporate BS:
To prevent future attacks, T-Mobile says it has "worked diligently to enhance security across our platforms" and is working with experts to understand both immediate and longer-term next steps.
The time to do that was BEFORE all of these MULTIPLE breaches. It’s quite clear that T-Mobile is not to be trusted with all this data. They are not good at protecting it. The question I have, is Verizon and AT&T?
To prevent future attacks, T-Mobile says it has "worked diligently to enhance security across our platforms" and is working with experts to understand both immediate and longer-term next steps.
The time to do that was BEFORE all of these MULTIPLE breaches. It’s quite clear that T-Mobile is not to be trusted with all this data. They are not good at protecting it. The question I have, is Verizon and AT&T?
If any company asks my SSN I say, get the F......, you know what.
Luckily we don't have that problem here, no company should be allowed to ask
for your SSN....there's no single reason for them to posses that info.
Luckily we don't have that problem here, no company should be allowed to ask
for your SSN....there's no single reason for them to posses that info.
Any company leaking such sensitive data should be fined a substantial amount of money.
Any company leaking such sensitive data twice should be fined an even higher fine, like 50% of annual profit, and get warning they will loose their licence to operate if done again.
Any company leaking such sensitive data trice should get their licence to operate *retracted and fined 100% of annual profit.
* Not instantly, that would be disastrous, give them time to sell their business.
Any company leaking such sensitive data twice should be fined an even higher fine, like 50% of annual profit, and get warning they will loose their licence to operate if done again.
Any company leaking such sensitive data trice should get their licence to operate *retracted and fined 100% of annual profit.
* Not instantly, that would be disastrous, give them time to sell their business.
The government goes after Apple for any little thing and meanwhile this is an actually dangerous damaging thing that keeps happening and nobody is willing to tighten down the laws on these large companies when it comes to data leaks. There needs to be real, serious financial penalties so they'll take it seriously. I'm not talking about slap on the wrist fines, I'm talking "We are going to take 25% of your profits for the year" kind of penalties.
They also need to make laws that these companies can only hold this data when it facilitates the customer relationship. Why do they have this data on all these former customers? Well I know why, but it should clearly be illegal to keep socials and all this stuff on file. Furthermore, there needs to be an overhaul to the way that SSNs work. Not sure why that's such a universal identifier. It needs to be updated to use cryptographic keys or something and use an authenticator app to validate.
There needs to be no more offline paperwork when it comes to signing up for credit cards and loans. No writing down your social anywhere, or even using your social! Everything should be electronically processed and validated using modern methods. There should be a standards body to govern this made up of experts and the standards should be updated and implemented on a regular basis to keep up with emerging threats and new technology.
They also need to make laws that these companies can only hold this data when it facilitates the customer relationship. Why do they have this data on all these former customers? Well I know why, but it should clearly be illegal to keep socials and all this stuff on file. Furthermore, there needs to be an overhaul to the way that SSNs work. Not sure why that's such a universal identifier. It needs to be updated to use cryptographic keys or something and use an authenticator app to validate.
There needs to be no more offline paperwork when it comes to signing up for credit cards and loans. No writing down your social anywhere, or even using your social! Everything should be electronically processed and validated using modern methods. There should be a standards body to govern this made up of experts and the standards should be updated and implemented on a regular basis to keep up with emerging threats and new technology.
Don't hold your breath. You may get $1 from a class action lawsuit that is settled 6 years from now.
