This stolen data is being actively sold, but if the past is any teacher much of it will wind up posted online soon. T-Mobile said it would pay for two years of identity theft protection services for any affected customers, and that it was offering “an extra step to protect your mobile account with our Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.” Why it wouldn’t make that extra protection standard for all accounts all the time is not entirely clear.
No customer financial information, credit card information, debit or other payment information or SSN was in this inactive file.” “We have also confirmed that there was some additional information from inactive prepaid accounts accessed through prepaid billing files. No Metro by T-Mobile, former Sprint prepaid, or Boost customers had their names or PINs exposed,” T-Mobile said. “We have already proactively reset ALL of the PINs on these accounts to help protect these customers, and we will be notifying accordingly right away. T-Mobile said it was also able to confirm approximately 850,000 active T-Mobile prepaid customer names, phone numbers and account PINs were also exposed.
#How to get text message transcripts from t mobile drivers
The hackers claimed one of those databases held the name, date of birth, SSN, drivers license information, plaintext security PIN, address and phone number of 36 million T-Mobile customers in the United States - all going back to the mid-1990s. The intrusion first came to light on Twitter when the account started tweeting the details, and someone on a cybercrime forum began selling what they claimed were more than 100 million freshly hacked records from T-Mobile. T-Mobile hasn’t yet responded to requests for clarification regarding how many of the 7.8 million current customers may also have been affected by the credit application breach. It is not clear how many people total may be impacted by this breach. “This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised,” the advisory reads.
Nevertheless, T-Mobile is urging all T-Mobile postpaid customers to proactively change their account PINs by going online into their T-Mobile account or calling customer care at 611. “Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.” “Our preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile,” the company wrote in a blog post. In a statement Tuesday evening, T-Mobile said a “highly sophisticated” attack against its network led to the breach of data on millions of customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer records went up for sale in the cybercrime underground. T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company.