Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

T-Mobile Reports Data Breach for the Third Time in 2021

published on 2021-12-30 10:29:05 UTC by CISOMAG
Content:

It looks like T-Mobile is cursed to encounter frequent security incidents, affecting its customers’ sensitive information. After reporting a security intrusion in August 2021, the American telco giant reportedly again sustained a cyberattack that exposed users’ data and SIM details.

According to a report, unknown hackers accessed customer accounts to view customer proprietary network information (CPNI) or launch SIM swapping attacks.

Data Breach or SIM Swap  

The report stated T-Mobile customers either had their CPNI exposed or fell victim to a SIM swapping attack, or both. The CPNI information includes customers’ billing account names, phone numbers, number of lines on the account, account numbers, and mobile plan details.

What is SIM Swapping?

In a SIM swapping attack, cybercriminals call service providers and trick them into changing a victim’s phone number to an attacker-controlled SIM card. This allows the attacker to reset passwords and access victims’ sensitive data via bypassing users’ 2FA protection.

Customers Data at Risk

While there is no information on how many customers were affected by the incident, T-Mobile stated it had notified the impacted users.

“We informed a very small number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed. Unauthorized SIM swaps are unfortunately a common industry-wide occurrence. However, this issue was quickly corrected by our team, using our in-place safeguards, and we proactively took additional protective measures on their behalf,” T-Mobile said in a media statement.

One Telecom – Multiple Data Breaches

Unfortunately, this is not the first security incident for T-Mobile  this year. Recently, in August, that company confirmed an unauthorized intrusion that affected customers’ sensitive data. T-Mobile also suffered data breach incidents in February and March that exposed users’ data to various security risks. While T-Mobile did not reveal the details about the kind of data breached or the number of affected users, a report claimed that attackers obtained sensitive information related to over 100 million users from T-Mobile servers.

Earlier, the company also recommended a few mitigation tips to its customers, who are concerned about their private data being vulnerable; these include:

  • Monitor all your accounts to find any unauthorized/fraudulent activity. Don’t forget to report if you find any suspicious activity.
  • Use a credit monitoring service to ensure data privacy.
  • Do not respond to suspicious emails/messages received from unknown sources.
  • Change passwords of all your online accounts.

Constant security incidents could bring multiple and severe repercussions to organizations, such as losing customers’ trust and impacting brand value. Therefore, organizations must implement robust and continuous cybersecurity measures to mitigate security incidents.

The post T-Mobile Reports Data Breach for the Third Time in 2021 appeared first on CISO MAG | Cyber Security Magazine.

Article: T-Mobile Reports Data Breach for the Third Time in 2021 - published almost 3 years ago.

https://cisomag.eccouncil.org/t-mobile-reports-data-breach-for-the-third-time-in-2021/   
Published: 2021 12 30 10:29:05
Received: 2021 12 30 11:26:37
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security
Views: 2

Custom HTML Block

Click to Open Code Editor