T-Mobile has confirmed it suffered a recent data breach that might have affected a number of customers. This is not the first time such an incident has affected those subscribed to the self-proclaimed un-carrier. However, the good news is the degree of customer information that might have been compromised on this occasion, is not as serious as it could have been or has been in the past.
2020 was a difficult year for many, and this includes in terms of their data. For example, in December Spotify confirmed a security flaw that potentially could have exposed account data. In August, a major data breach potentially impacting as many as 235 million Instagram, TikTok, and YouTube profiles was revealed. In fact, T-Mobile was also not immune to 2020 privacy concerns, considering that a previous data breach is understood to have happened in March, 2020. Following previous incidents in both 2019 and 2018.
T-Mobile has confirmed that a “security incident” in December may have impacted the account information of some of its customers. The incident is said to have specifically been in relation to Customer Proprietary Network Information (CPNI) and T-Mobile has reached out to affected consumers to let them know they may have been impacted. According to reports from multiple outlets, including Bleeping Computer, T-Mobile confirmed the incident affected a "small number of customers (less than 0.2%)."
Compromised T-Mobile Customer Data
In its confirmation, T-Mobile specifically made it clear that the data breach did not include the most serious and sensitive of customer information. For example, names, email addresses, financial information, social security numbers, and tax IDs were not accessed. Likewise, neither was security data, such as passwords or PINs. However, customer phone numbers and the number of lines associated with an account might have been accessed during the breach. T-Mobile also explained that call-related information might have also been exposed, in some cases.
While any data breach is a concern for customers, they are not all equal with some proving more serious than others, due to the nature of data that might have been accessed. On this occasion, the data is specifically related to calls, whether it be numbers and/or activity. Again, while that’s bad enough, the data breach did not include the most sensitive information, such as personal, financial, or security details. Furthermore, while 0.2-percent of T-Mobile’s customer base is still significant, considering how many there are overall, it could have been much worse. For those concerned, unless they receive a text or email alert from T-Mobile regarding the issue, it is unlikely they have been affected by this latest data breach.
Source: T-Mobile