T-Mobile experienced a small data breach days before the end of 2021, according to a new report. The news comes a few months after the company suffered a large-scale data breach in August 2021. The new data breach affected a small number of users who were allegedly the target of a SIM swapping attack.
According to the report, many T-Mobile customers received notification of “unauthorized activity” from the mobile operator. “That activity was either viewing the customer’s proprietary network information (CPNI), an active SIM exchange by a malicious actor, or both,” explains The T-Mo Report’s report. Put simply, customers who were victims of the security breach have been the target of a SIM swapping attack or have their personal information disclosed, or both.
First, a customer may have only been affected by a leak in their CPNI. This information can include the billing account name, phone numbers, number of lines in the account, account numbers, and tariff information. That’s not great, but it has a lot less impact than the August breach that leaked customers’ social security numbers.
The second category that an affected customer could fall into is SIM swapping. Here, a malicious actor changes the physical SIM card associated with a phone number in order to gain control of that number. This can and often will result in the victim’s other online accounts being accessed via two-factor authentication codes sent to their phone number. The document states that customers who were affected by a SIM swap have now reversed this measure.
The leaked information included personal data such as “characteristics of your voice call service (e.g. international calls), usage information (such as call logs – including date, time, phone numbers called and duration of calls), and quantitative data such as the minutes used. “Fortunately, the leaked data did not contain any billing-related information such as names, bank account numbers or addresses.
In contrast to the data breach in summer that T-Mobile suffered at the beginning of the year, it affected a very small number of customers. And while the company has not publicly acknowledged the data breach, it has responded to a number of customers on Twitter with the steps they should take if they are affected by the attack.
Via: The T-Mo report