Cyber Security Threat Summary:
“T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023. Compared to previous data breaches reported by T-Mobile, the latest of which impacted 37 million people, this incident affected only 836 customers. Still, the amount of exposed information is highly extensive and exposes affected individuals to identity theft and phishing attacks. ‘In March 2023, the measures we have in place to alert us to unauthorized activity worked as designed and we were able to determine that a bad actor gained access to limited information from a small number of T-Mobile accounts between late February and March 2023,’ the company said in data breach notification letters sent to affected individuals just before the weekend, on Friday, April 28, 2023” (Bleeping Computer, 2023).

Security Officer Comments:
T-Mobile says that PII data was potentially accessed including full name, contact information, account number and associated phone numbers, T-Mobile account PIN, social security number, government ID, date of birth, balance due, internal codes that T-Mobile uses to service customer accounts (for example, rate plan and feature codes), and the number of lines. While this varies per impacted customer, threat actors will most likely use the allegedly stolen data to conduct identity theft, social engineering and targeted phishing attacks.

Suggested Corrections:
Since the breach, T-Mobile has reset account PINs for impacted customers and is offering two years of free credit monitoring and identity theft detection services via Transunion myTrueIdentity. Impacted customers should closely monitor their finances and be on the look out for targeted phishing attacks.

Link:
https://www.bleepingcomputer.com/