T-Mobile Says Hacker Stole Data From 37 Million Accounts

T-Mobile confirmed Thursday that an unidentified malicious intruder breached its network in late November and stole data on 37 million customers, according to a regulatory filing.

In a filing with the U.S. Securities and Exchange Commission, T-Mobile said Data breach was reported Jan. 5. It also stated that no critical information was stolen, including PINs, bank account numbers and credit card numbers. According to the filing, instead, addresses, phone numbers and dates of birth were accessed.

“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time,” T-Mobile said, adding that the data was first accessed around Nov. 25 but wasn’t discovered for weeks later.

It also stated that it had hired a cybersecurity firm to investigate the breach. It’s also working with law enforcement and will notify customers if their information was leaked, according to the filing.

The Epoch Times contacted the company to get their opinion. The Epoch Times has reached out to the company for comment. statement Fox News reports that T-Mobile stated that the breach was discovered when it was discovered. “shut down” Within one day.

“As soon as our teams identified the issue, we shut it down within 24 hours. Our systems and policies prevented the most sensitive types of customer information from being accessed, and as a result, customer accounts and finances should not be put at risk directly by this event,” The statement was as follows: “There is also no evidence that the bad actor breached or compromised T-Mobile’s network or systems.”

The company has been hacked several times in recent history, as announced by the announcement. T-Mobile stated in its filing that it didn’t expect the latest breach would have a material impact on its operations.

But a senior analyst for Moody’s Investors Service, Neil Mack, said in a statement that the breach raises questions about management’s cyber governance and could alienate customers and attract scrutiny by the Federal Communications Commission and other regulators.

“While these cybersecurity breaches may not be systemic in nature, their frequency of occurrence at T-Mobile is an alarming outlier relative to telecom peers,” Mack.

The August 2021 intrusion was preceded by breaches that were disclosed in January 2021 (November 2019), August 2018 and August 2018, in which customer information was accessed.

At least eight hacks have been committed against the company since 2018. according Techcrunch. The most recent one occurred in 2022 when a hacking collective known as Lapsus$ gained access to the company’s internal systems and allowed them to take over victims’ phone numbers in what is known as a SIM swap.

In July, T-Mobile agreed to pay $350 million to customers who filed a class action lawsuit after the company disclosed in August 2021 that personal data including Social Security numbers and driver’s license info had been stolen. The breach affected nearly 80 million Americans.

T-Mobile stated Thursday that it was reopening after the latest breach. “substantial multi-year investment” Two years ago, to improve its cybersecurity. “Protecting our customers’ data remains a top priority,” According to the company, “We will continue to make substantial investments to strengthen our cybersecurity program.”

T-Mobile, based in Washington state, became one of the United States’ largest cellphone service carriers in 2020 after buying rival Sprint. After the merger, it reported that it had more than 102 millions customers.

This report was contributed by The Associated Press.

*As an Amazon Associate I earn from qualifying purchases