Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
T-Mobile Says an Additional 5.3 Million Customer Accounts Were Compromised in Data Breach
- Thread starter MacRumors
- Start date
- Sort by reaction score
Notice the subtle difference between the message you got and mine .
i guess they are trying to tell me that in my case ,my ssn was compromised…3-4 major breaches in 3 yrs ? Incompetent jerks ! I keep my credit frozen as well but that doesnt necessarily mean we can rest easy…. free mcaffee monitoring isnt much consolation…how about a year of free service ? ( never happen) Waiting to hop on a class action suit..
”T-Mobile has determined that unauthorized access to some of your personal data has occurred. We have no evidence that your debit/credit card information was compromised. We take the protection of our customers seriously. We are taking actions to protect your T-Mobile account and we recommend that you take action to protect your credit. Read more here:”
T-Mobile should have alerted you to what kind of information was accessed. That message is crap.
I think data breaches have become “normalized” and “priced in” on Wall St. at this point, with the expectation that the chances of long-term damage to a company are minimal based on all of the previous data breaches. Data breaches are like Covid-19, it won’t go away completely and eventually we’ll learn to live with it thanks to mitigation measures like a possible SSN replacement.
This (i.e. using a credit card instead of a debit card) is good advice, but has really nothing to do with ID theft or with this breach, which apparently did not include any card numbers.
ID protection services are near useless. They monitor your credit file and alert you after the damage has already been done. They promise to help you recover later, but their promises are vague and non-binding. There's also a good chance that they will be breached themselves sooner or later, another possible way your personal information can be leaked ...
The better protection against ID theft is to place security freezes on your credit files at the nationwide credit bureaus (Equifax, Experian, Innovis, Transunion). It's free by federal law, does not affect your credit score, and the only small inconvenience is that you need to temporarily lift the freeze whenever you apply for new credit somewhere (this can be done online and only takes a few minutes). In this day and age everyone should freeze their files.
Better yet, set up your card account to send you a notification whenever there's a transaction.
It's just incomprehensible to me that no one is really watching. Having worked as programmer, supervisor, security officer, I'd never worked for an organization that didn't care enough to pay attention.
T-Mobile: a data breach has exposed info of over 55 million customers
AT&T: Hold my beer...
A Notorious Hacker Gang Claims to Be Selling Data on 70 Million AT&T Subscribers
The claims come not long after T-Mobile confirmed that millions of its customers were affected by a large data breach. AT&T has denied the allegations.
gizmodo.com
A prolific hacker gang claims to be selling data on 70 million AT&T customers, the likes of which would appear to include names, phone numbers, social security numbers, DOBs, home addresses, and more.
On Thursday, RestorePrivacy broke the news that ShinyHunters, a well-known threat actor, was advertising the apparent database on RaidForums, a popular dark web marketplace. The cybercriminals are asking for $1 million for the entire database, and are selling segments of the data for $30k apiece.
The careful wording here would seem to show the telecom hedging against a more definitive refutation. In fact, in a follow-up email to BleepingComputer, the company equivocated over whether the data could have been stolen from a third-party: “Given this information did not come from us, we can’t speculate on where it came from or whether it is valid,” the firm said.
In the past, ShinyHunters has targeted the likes of Microsoft, Mashable and droves of other small- to mid-sized platforms. Its modus operandi is to steal or buy large troves of data, then dump and sell the digital bounties on underground platforms.
AT&T denies data breach after hacker auctions 70 million user database
AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers.
When asked whether the data may have come from a third-party partner, AT&T chose not to speculate.
"Given this information did not come from us, we can't speculate on where it came from or whether it is valid," AT&T told us in a follow-up email.
ShinyHunters has told BleepingComputer that they are not surprised that AT&T denies the breach and continues to state that it comes from them.
"I don't care if they don't admit. I'm just selling," ShinyHunters told BleepingComputer.
Looks like 70 million AT&T subscribers just joined the data breach party.
Each of my credit cards (I have 4) has a security setting where they notify me when ANY charge is posted to them, Any charge at all and my Watch and iPhone buzz me a message. Often before the clerk Hans me my item. I highly recommend this.
I filled that out at time of event for all of my phone lines and I still have not received any email!
I got the notification, but it said neither any passwords or PINs were compromised. I'll change them, anyway.
tmobile customer support is on another level of horrid, the 1 year i spend with them i couldn't wait for the contract to expire, they managed to lose 3 trade in iphones i sent in with the shipping label they provided, so the fact that this happened doesn't surprise me one bit.
It's sad but it's likely cheaper to get hacked now and then and face basically no consequences rather than spend the money to do things properly. So they take the cheaper route.
They are very truthful about preventing future attacks, Don’t worry they changed all the passwords from Password1! To P@ssw0rd.
A lot of people do. I’m sure bad credit etc has something to do with it.
I think that squirrel that runs along my fence every morning wasn't affected. And that's only because he doesn't have any pockets for a cell phone. Or a debit card, for that matter. But he's got his own problems. I think he wants to be a dove and fly free.
Words are things that have meaning when we use them in together in sequence. You know, strung together to make these things called "sentences", which kind of mean the same thing as that "thought" you had in your head before you sat down in front of your screen. Oh, and these sentences are usually separated by these other things called "periods". Periods are the thing that keep your written words from being like your breakfast when it comes out of your blender.
No, the security failure fix is to harshly punish the perpetrators. Oddly enough, it really makes other people think twice about committing the same crime as somebody else who already did and is reaping rich punishment for it.
Hangings are effective, and there are other ways too, but most people would probably settle for long prison sentences.
"use it to get 2FA codes"? Just how would you clone a SIM card of somebody you don't know and have never met?
It is. Just remember it this way. You are ONE company. A castle, maybe.
There are thousands of attackers on any given day. And they're not all trying to storm your drawbridge, so you can't apply all your troops to one single place. They're actually trying to attack you from land, sea, and the underground. And they have dragons, so they're trying to fly over your castle walls too!
These things are all true. Especially the part about the hack being on the person and not a computer.
Maybe, maybe not.
If I'm a hacker, I don't need to find your Twitter or FB account. I can just find a corporation with some vulnerabilities and maybe with a little SQL injection, I can get a bunch of names and numbers from a database.
Your Tic-Toc dance might not even be needed. But Tic-Toc, being owned by a Chinese company, may not be the smartest app to have on your devices...
This is hilarious!
Well put, but then you clipped a few trees and then nose-dived into the mountain.
It's "ineptitude", with an "e" on the end. But you almost had it there! ?
And then you hit the mountain head-on. "Corporate welfare"? That word has been used now for a few decades, and the only time I think it applies is when a company receives money from the government that the taxpayers haven't directly approved of. You know, a bailout. Or a grant of any kind that comes from a local or national government.
Yes, THAT would be corporate welfare. We can't just claim "corporate welfare" every time a company is in the news for something embarrassing.
Firing squads work too. ?
They don't. I got a couple of checks from different class action settlements. The amounts are always piddling.
Yep, so in my case, the two checks I received from settlements came at different times, and they were for different companies who had made a mistake reporting some financials. I think I might have owned one stock for a couple of months, and the other for about a year and a half. Lost some on the first, had gains on the second.
The checks were being sent to people who were shareholders during the time period of the financial misdisclosures. I'm sure that I was not damaged by either company's alleged misreportings. I use a lot of indicators when deciding to buy, sell, or hold any investment, and one little 10Q or quarterly reporting indicator probably wouldn't have been a reason for me to make a different decision.
So anyway, one check was for something around $1.50. And the other one was for something like $2.72.
Not $1.50 and $2.72 per share owned; that would have net me thousands. No no no, it was for $1.50 and $2.72, or a total of $4.22. And no, neither check was directly deposited to any of my investment/brokerage accounts.
They came as paper checks. That was before the time that my bank offered an app that let me deposit checks with my smartphone, so I actually had to go to the bank and stand in line. I guess that was my punishment for being a member of the class. ?
Worse than that, I think it's a control thing with all possible outcomes intentionally made meaningless. To go into that deeper would get my hand slapped by the mods for political discourse.
Don't do it. Verizon is no better. My Verizon phone has been ringing all day with that robot-voiced lady threatening to call the FBI on me. Hey, ask them to call ahead; I'll put out a fresh pot of coffee and some danishes!
Me too, and I'm not even on T-Mobile! Why doesn't the T-Mobile girl ever call me? I might actually fall for a scam if it was her on the line! ? Oh, that's right, I just said I'm not on T-Mobile.?
You won't like my suggestions. They involve actual pain to the perpetrators, and people seem to have an aversion to that. After all, we emptied the prisons for Covid, right?
You do know the US is broke, right?
In 2016, the IRS collected about $3.2 trillion and spent about $3.8 trillion.
The US has a national debt of $28.1 trillion
We only collect about $3.5 billion in taxes each year, and to "make up for that", we spend more than we collect each year.
Debt is wrong. Yet, there it is.
"loses money anyway"? This is not a cartoon, it's real life. No, they go OUT of business.
Right, in my story above, I didn't mention that in each of those cases, I had to read the attorney's emails for years, and still not get enough money to buy myself a pizza. Really, it wasn't worth it in the end. I would have rather seen punishments made to the people who screwed up the reportings.
Last edited:
Happens a lot. Walk into tmobile store tell them you lost your SIM and need a new one, verify your ID with the info you stole, they give you a new SIM with the target's phone number
Your comment about ineptitude an example of annoying iPad OS software and time spent dealing with it. Notice the first time ineptitude used. Many times when a word ends a sentence, the autocorrelation software can drop the last character and not catch the misspelling. Plus for some strange reason the keyboard that does this randomly becomes the default. Now one has to carefully proof read. The point of these posts, speaking by typing. Not a writing class and thus some reader translation maybe required. Ever record yourself and say was any of that complete sentences. We pay good monies to be annoyed. Almost there to getting my full Apple benefits.