T-Mobile’s massive data breach leaked info for 5.3 million additional customers
The news about T-Mobile’s latest data breach is only getting worse, as the company announced new details from its investigation. While someone in possession of the leaked data said they had obtained information for as many as 100 million customers, including driver’s license info, IMEI numbers, and more, T-Mobile’s first statement put the figure at 47 million or so and did not mention the IMEI / IMSI data.
Now, T-Mobile has confirmed that for the 7.8 million on-contract, or postpaid, customers it already counted in the breach, data stolen includes the information mentioned Thursday (first and last names, dates of birth, Social Security numbers, and driver’s license / ID numbers), as well as phone numbers and IMEI / IMSI information. IMEI stands for International Mobile Equipment Identity and is a number that’s assigned to every mobile device.
IMSI stands for International Mobile Subscriber Identity and is the identifier for the SIM card to which your mobile phone number is tied. That kind of data could be used to track mobile devices or assist in SIM swapping attacks where someone hijacks your phone number to intercept two-factor authentication codes or other information.
Additionally, 5.3 million more postpaid customers have also been identified as part of the breach, but without revealing their driver’s license / ID or Social Security numbers. The same goes for an additional 667,000 accounts of former T-Mobile subscribers that are being added to the total. Former Sprint prepaid and Boost Mobile customers are still in the clear, however, 52,000 names tied to Metro by T-Mobile accounts were stolen.
An unspecified number of files contained “phone numbers, IMEI, and IMSI numbers.” According to T-Mobile that did not include any personally identifiable information, which is a questionable claim since it could be easy to tie someone’s identity to their phone number based on other leaked data or simply browsing publicly available listings.
The FCC already announced it’s investigating the incident, and at least one class-action lawsuit has been filed against T-Mobile, calling its response and promised two years of identity protection services “inadequate.” The investigation is still ongoing, but T-Mobile customers (current, former, or just prospective ones who filled out an application) can go here for more information.
The news about T-Mobile’s latest data breach is only getting worse, as the company announced new details from its investigation. While someone in possession of the leaked data said they had obtained information for as many as 100 million customers, including driver’s license info, IMEI numbers, and more, T-Mobile’s first…
Recent Posts
- iPhone 16 Plus: latest news, rumors and everything we know so far
- Microsoft and Google vie for top spot in productivity and business app leadership in latest report — Google has a upper hand due to its platform dominance but Microsoft’s LinkedIn emerges as the ultimate Pro social network
- Quordle today – hints and answers for Monday, May 6 (game #833)
- NYT Strands today — hints, answers and spangram for Monday, May 6 (game #64)
- Randy Travis gets his voice back in a new Warner AI music experiment
Archives
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011