September 21, 2023
Multiple T-Mobile USA customers have gone to social media to report seeing the sensitive information of other customers when logging in to view their personal account.
The leaked data includes credit card balances, purchase history, credit card information, device IDs, and home addresses. The issue was initially severe enough that the T-Mobile subreddit requested users to stop sharing information via social media.
"ATTENTION: We are aware of the security issue going on. For security reasons, we are not allowing posts on the topic," the post read. "Please do not post any information about the ongoing issue. We're waiting to hear from T-Mobile and do not want to exacerbate the issue."
As of Sept. 20, T-Mobile said that the issue has been resolved and was due to a "technology update" glitch.
"There was no cyberattack or breach at T-Mobile. This was a temporary system glitch related to a planned overnight technology update involving limited account information for fewer than 100 customers, which was quickly resolved," said Tara Darrow, T-Mobile spokesperson, in a statement.
While this may come as a relief for some, to others it may only further raise concerns about whether T-Mobile has questionable cybersecurity safeguards, due to the company facing multiple breaches this year alone. January, T-Mobile fell victim to a breach that exposed 37 million customers' data, which went on to also affect customers of Google Fi. This past May, the company yet again faced an attack that started in February and ended in March, affecting 836 customers.
And of course, the telecom operator suffered a data breach in 2021 that affected 47 million people, ultimately leading to a class-action lawsuit and a $500 million settlement. And last year, T-Mobile agreed to pay a settlement of $2.5 million as restitution for its role in the 2015 Experian data breach, which affected 15 million prospective T-Mobile customers.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware