T-Mobile Users' Data Have Been Breached
You’ve probably read an article or heard on the news that another company has had a data breach. It appears that breaches are happening more frequently in the past few years — or at least, we hear about them more. There used to be a time when companies wouldn’t reveal that any data have been compromised or the extent of the data breach.
According to the 2021 IBM Security “Cost of a Data Breach” report, data breaches now cost companies an average of $4.24 million per incident. IBM Security’s report is based on an “in-depth analysis” of real-world data breaches experienced by over 500 organizations. Another interesting finding from IBM Security’s report was that the average time to detect and contain a data breach was 287 days (212 days to detect and 75 days to contain).
A recent data breach on T-Mobile (NASDAQ: TMUS) data has recently been revealed. No company wants to be a part of a data breach, but it does happen. Hackers in the T-Mobile breach have reportedly exposed the data of 100 million people. The hackers claim to have obtained the data from T-Mobile’s servers and are selling a portion of it on an underground forum for 6 bitcoin, which equals about $280,000.
The data included names, phone numbers, and physical addresses along with sensitive data like Social Security numbers, driver’s license information, and IMEI numbers — unique identifiers that are tied to each mobile device. This kind of data could leave people vulnerable and for other spam or identity theft.
Crane Hassold, director of threat intelligence at email security company Abnormal Security, had this to say in a recent interview:
This [T-Mobile data breach] is ripe for using the phone numbers and names to send out SMS-based phishing messages that are crafted in a way that’s a little bit more believable. That’s the first thing that I thought of, looking at this.
The fact that IMEI numbers could be compromised means that the hackers could have enough information to launch SIM-swap attacks. Abigail Showman, a team lead at risk intelligence firm Flashpoint. had this to say:
This could lead to account takeover concerns. Since threat actors could gain access to two-factor authentication or one-time passwords tied to other accounts — such as email, banking, or any other account employing advanced authentication security feature — using a victim’s phone number
These kinds of attacks could be troublesome for T-Mobile customers and could result in their data being significantly compromised. These types of data breaches continue to increase discussion about cybersecurity and how to ensure that the data that companies are responsible for are adequately secured. Of course, incidents happen, but companies should use those incidents as learning experiences.
Investing in security and hiring a security company that has a strong track record will be crucial and beneficial for companies like T-Mobile. However, sometimes even hackers and cyberattackers can get past a cybersecurity company’s efforts to protect its clients and the data that they possess.
T-Mobile said the following in response to this breach:
We have determined that unauthorized access to some T-Mobile data occurred, however, we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed.
T-Mobile’s recent data breach and others that have occurred throughout this year already are proof that efforts need to be made to invest in cybersecurity companies and understand to what extent their tools can help to secure data.
Until next time,