According to a new report, T-Mobile has undergone a small-scale data breach days before the year 2021 ends. The news comes a few months after the company suffered a large-scale data breach in August 2021. The new data breach affected a small number of users who were allegedly a target of a SIM swapping attack.
According to the report, many T-Mobile customers received the "unauthorized activity" notification from the mobile carrier. “That activity was either the viewing of customer proprietary network information (CPNI), an active SIM swap by a malicious actor, or both,” explains the report from The T-Mo Report. In simple terms, customers who were the victim of the breach were a target of a SIM swapping attack or had their personal information exposed, or both.
First, a customer may have only been affected by a leak of their CPNI. This information may include the billing account name, phone numbers, number of lines on the account, account numbers, and rate plan info. That’s not great, but it’s much less of an impact than the breach back in August had, which leaked customer social security numbers.
The second category an affected customer might fall into is having their SIM swapped. This is where a malicious actor will change the physical SIM card associated with a phone number in order to obtain control of said number. This can, and often does, lead to the victim’s other online accounts being accessed via two-factor authentication codes sent to their phone number. The document says that customers affected by a SIM swap have now had that action reversed.
The information leaked contained personal data like "features of your voice calling service (e.g., international calling), usage information (like call logs — including date, time, phone numbers called, and duration of calls), and quantitative data like minutes used." Thankfully, the data leaked doesn't contain any billing-related information, like names, account numbers, or addresses.
Unlike the summer data breach T-Mobile suffered earlier this year, this one has impacted a very small number of customers. And even though the company hasn't acknowledged the data breach publically, it has replied to a number of customers on Twitter with the steps they should take in case they're affected by the attack.
Via: The T-Mo Report