New T-Mobile Hack: Data of 37 Million Customers Stolen
The American operator T-Mobile announces that it has suffered a new hack, which results in the theft of the data of 37 million customers. The hacker began the theft in November, but the operator didn’t realize it until early January.
T-Mobile explains that the hacker began stealing data using one of its APIs around November 25, 2022. The carrier detected the malicious activity on January 5, 2023 and cut off the attacker’s access to the API one day later.
The society said that the API misused in this security breach did not allow the attacker access to affected customers’ driver’s licenses or other government identification numbers, social security numbers/tax IDs, words password, payment card information or other financial account information. However, names, billing addresses, email addresses, phone numbers, dates of birth, and T-Mobile account information (such as line count and plan details) may have been stolen.
T-Mobile has reported the incident to US federal agencies and is currently working with law enforcement to investigate the hack. The operator also notifies customers whose sensitive personal information has been stolen.
As a reminder, T-Mobile has experienced several hacks over the years. This has been around one to two attacks per year since 2018.