T-Mobile Confirms Data Breach Exposing Customers Phone Numbers

Telecommunications company T-Mobile suffered a data breach involving the information generated by customers, known as the CPNI.

The company began texting customers with an alert warning regarding a security incident, which exposed some customers’ account information, call records, phone numbers, and a number of lines on an account.

Security and cybersecurity firm discovered malicious and unauthorized access to the T-Mobile systems, which led to the hacking of the customer data. Meanwhile, the company clarified that no account holders’ names, physical addresses, and financial data were accessed.

T-Mobile Confirms Data Breach

“Customer proprietary network information (CPNI) as defined by the Federal Communications Commission (FCC) rules was accessed. The CPNI accessed may have included phone number, number of lines subscribed to on your account, in some cases, call-related information,” stated T-Mobile.

About 0.2 percent of customers were said to be affected by the breach, approximately 200,000 people. T-Mobile said those who received an alert should be on the lookout for suspicious texts, emails, and other information that links to non-T-Mobile web pages.

Hackers can attempt targeted phishing attacks to steal further information on affected customers. According to Android Police, the incident happened in November and was just discovered in December following routine security checks.

The CPNI may contain all location data, including tower IDs, and granular information from certain devices. This year’s pretty bad for the telecommunications company as it was hit early this year by a cyberattack.

“We are currently notifying a small number of customers that some information related to their account may have been illegally accessed. The data accessed did not include any names associated with the account, financial data, social security numbers, passwords,” clarified T-Mobile.

Last March, T-Mobile shut down a malicious intrusion to its systems, exposing customers’ personal and financial information. This originated from an email vendor, with hackers securing access to some customers’ account information and even company employees.

Two years ago, T-Mobile was also attacked, exposing customers’ names, billing ZIP codes, phone numbers, email addresses, account numbers, and types. Around 3 percent of the customers were impacted at the time.

The telecommunications company advised affected customers to call their hotline in case of additional questions and concerns. Any suspicious movements can be reported to T-Mobile for further assistance.

Regardless of the cyberattacks this year, the company has overcome logistical and legal obstacles, in addition to surpassing AT&T’s subscriber count, and expanding to the 5G network.