Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

T-Mobile Discloses 2nd Data Breach of 2023, This One Leaking Account PINs and More (arstechnica.com) 17

T-Mobile on Monday said it experienced a hack that exposed account PINs and other customer data in the company's second network intrusion this year and the ninth since 2018. From a report: The intrusion, which started on February 24 and lasted until March 30, affected 836 customers, according to a notification on the website of Maine Attorney General Aaron Frey. "The information obtained for each customer varied but may have included full name, contact information, account number and associated phone numbers, T-Mobile account PIN, social security number, government ID, date of birth, balance due, internal codes that T-Mobile uses to service customer accounts (for example, rate plan and feature codes), and the number of lines," the company wrote in a letter sent to affected customers. Account PINs, which customers use to swap out SIM cards and authorize other important changes to their accounts, were reset once T-Mobile discovered the breach on March 27.

The incident is the second hack to hit T-Mobile this year. It's the ninth since 2018, based on reporting by TechCrunch. In January, T-Mobile said "bad actors" abused its application programming in a way that allowed them to access the data of 37 million customers. The hack started on November 25, 2022, and wasn't discovered by T-Mobile until January 5, TechCrunch said. Data obtained in that incident included names, billing addresses, email addresses, phone numbers, dates of birth, T-Mobile account numbers, and information such as the number of lines on accounts and plan features.

This discussion has been archived. No new comments can be posted.

T-Mobile Discloses 2nd Data Breach of 2023, This One Leaking Account PINs and More

Comments Filter:
  • I wonder if this also affects providers like MetroPCS that get their service through T-Mobile.
  • Well, despite the fact that T-Mobile clearly has terrible security practices, at least one thing I can say for sure is I have yet to be affected. I just really don't like any of the other mobile phone companies. Maybe Mint? I just know I won't go back to Verizon, and never AT&T.

    • Mint was purchased by T-Mobileâ¦â¦

      • by kellin ( 28417 )

        fuck. I forgot about that. Well, I guess I'll just continue to walk bent over, just to make it easier for when the eventual happens.

        Oh wait, there's Spectrum? I dunno. I've had internet service in couple locations over the years - both residential and business - and they've been generally decent, although I've heard bad things. Dunno about their cell service, though.

      • by ahziem ( 661857 )
        The Mint Mobile deal is not final, and last week there stories that it faces DoJ scrutiny. Example: https://nypost.com/2023/04/20/... [nypost.com]
    • Sooner or later someone will compromise your account just to see if you have any crypto holdings they can get into.

  • TMobile is a business built of junkyard parts, this is what you get.

    • by gweihir ( 88907 )

      Seems to be better (or actually "less bad") than the competition though. Or are they gaming the market to be successful?

    • by wshs ( 602011 )
      Seems like they hired adobe to handle their security practices
  • What are the odds this is from shit done by shady vendors? When I worked there, vendors made progress next to impossible.
  • Well, time to go sign up for Mint Mobile instead...OH WAIT, Tmobile bought them and Ryan Reynolds is an asshole.
    • Well, time to go sign up for Mint Mobile instead...OH WAIT, Tmobile bought them and Ryan Reynolds is an asshole.

      Ryan Reynolds is an A-hole? Srsly?

      Ryan was smart to get out while the getting was good. That's how SMART PEOPLE make their money.

      Ryan probably figured out there was not much UP side left in his Mint Mobile investment and T-Mobile was banging on the door with sacks of $$.

      When a company is willing to pay you sacks full of $$, and you can see a mega profit on your investment by taking it, you would be a COMPLETE FOOL (or a Leftist or Progressive...except Nancy Pelosi and elected politicians like her) to refuse

  • Pay more up front if you have to. Assume they will get hacked again next month.

    On a side note, Congress has failed here. If a business needs to do a credit check so be it. But once done they should have to delete the SSN and all credit check data as if they never had it to start with. This should be the law. Maybe states could do this if Congress won't do its job.

    • The problem is that businesses that do credit checks are co-opted into the credit bureau ecosystem by reporting your creditworthiness to the bureaus on a semi-regular basis. In some cases, it's to ding you (for example, if you fail to pay your bill and they have to go to collections.)

      To get rid of the problem, you'd need to stop them from using social security identifiers completely, or ban the credit bureaus from doing business.

      I agree about paying up front... just sign up for prepaid service when possibl

  • I'm sure this will eventually become a class action lawsuit, and all of us T-Mobile customers will get a check for 37 cents plus a year of free credit monitoring from Experian.

    Then all will be well again.

    • I'm sure this will eventually become a class action lawsuit, and all of us T-Mobile customers will get a check for 37 cents plus a year of free credit monitoring from Experian.

      With only 836 users impacted, perhaps they can each get a significant amount of money

Genius is ten percent inspiration and fifty percent capital gains.

Working...