T Mobile that suffered a massive data breach in August this year has again fallen prey to a similar hack in December 2021 that saw information leak of a small set of the telecom company customers.
According to those reporting to our Cybersecurity Insiders, the attack took place in three forms, with the first targeting the customer proprietary network info(cpni), and second related to SIM swap and third involving customers targeted with both the said forms of incidents.
In the first attack, hackers might have accessed billing account details such as names, phone numbers, numbers linked to the accounts and rate plan details. In the 2nd instance, the threat actors somehow gained server access and tried to access information related to SIM cards and IMEI number that can be used by them later to hack into their online accounts.
The 3rd category of affected customers was those whose private CPNI was viewed and their SIM cards were swapped.
T-Mobile is yet to acknowledge the data breach on an official note. However, released a press update via twitter that its staff is yet to reach to a conclusion over the data breach and issues like who was involved and what type of data/information was accessed and stolen.
Note- On August 18th, 2021, T-Mobile confirmed it had become a victim of a cyber attack where sensitive information related to over 40 million of its customers was accessed by hackers. And the leaked data includes first and last names, birth dates, driving license details, social security numbers and phone numbers. As a compensation, the telecom giant offered a free-identity-protection service from McAfee to all the affected customers and urged them to change their account PINs as early as possible.
