Less than four months after T-Mobile confirmed over a million prepaid customers had their personal data compromised as a result of a "quickly corrected" security "incident", it appears not one but two new "sophisticated attacks" may have impacted sensitive information belonging to an unspecified number of the "Un-carrier's" wireless subscribers.
The first of these fresh data breaches came to our attention a couple of days ago, when a bunch of Redditors shared screenshots of T-Mobile alerts received by text message that prompted affected users to visit a webpage where Magenta detailed the nature of the hack. While it's never pleasant when these things happen, most people informed of this particular attack were relieved to hear their financial data was purportedly not impacted.
But a seemingly different subset of T-Mo customers was less fortunate, receiving a link detailing a much scarier data breach. While we can safely assume these two recent "sophisticated attacks" are somehow connected, the second security breach that came to light over the last 24 hours or so resulted in a wider array of compromised data, including Social Security numbers and financial account information.
This is really, really bad
Needless to say how dangerous it can be for a bad actor to own that kind of info, especially when combined with names and addresses, government identification numbers, as well as phone numbers, billing and account information, and rate plans and features. That's... pretty much everything, although T-Mobile insists there's currently no evidence indicating that the personal information contained in the affected accounts was ever used to commit fraud or "otherwise misused."
At least one angry Redditor appears to dispute that claim, however, alleging his SIM was swapped, BTC wallet hacked, and a "lot of money" transferred out on the heels of T-Mobile's confirmation of the two new data breaches. Another unhappy customer says his phone number was ported over to another SIM card "IN THE UNITED KINGDOM" (emphasis his), leaving support reps "as confused" as the affected user regarding the "magical" number change that didn't even show in T-Mo's system.
For what it's worth, these vexing reports are still far from widespread, but T-Mobile customers should definitely keep an eye on their financial account statements and credit history to contact the police or law enforcement as soon as the first signs of "unauthorized transactions or activity" pop up.
Precautions and promises
Magenta is also offering affected users free access to credit monitoring and identity theft detection services for two years in partnership with TransUnion, all the enrollment instructions being available at the web address provided above.
Keep in mind that, while you should have already been notified of the data breach by text message if you're one of its victims, there's a chance T-Mobile couldn't reach you just yet. That means everyone should remain "vigilant" in the face of potential threats of identity theft or fraud. Additionally, the nation's third-largest wireless service provider urges its customers to be "alert for phishing emails", highlighting legit companies never ask for things like passwords, Social Security numbers, or bank account information over email.
Recommended Stories
While we're on the subject of passwords, this is also a good time to remind you to change the personal identification number (PIN) on your T-Mobile account to avoid the other big threat making the rounds right now.
As for what the "Un-carrier" plans to do to prevent these things from happening again... in four months, the promises are unfortunately as vague as always and the "it happens to everyone" explanation is bound to further enrage many people.
Get a Motorola Razr 2025 for just $199.99!
Switch to a 2-month Total 5G or 5G+ plan with Total Wireless and score this foldable deal.
Adrian, a mobile technology enthusiast since the Nokia 3310 era, has been a dynamic presence in the tech journalism field, contributing to Android Authority, Digital Trends, and Pocketnow before joining PhoneArena in 2018. His expertise spans across various platforms, with a particular fondness for the diversity of the Android ecosystem. Despite the challenges of balancing full-time parenthood with his work, Adrian's passion for tech trends, running, and movies keeps him energized. His commitment to mid-range smartphones has led to an eclectic collection of devices, saved from personal bankruptcy by his preference for 'adequate' over 'overpriced'.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts:
New accounts created within the last 24 hours may experience restrictions on how frequently they can
post or comment.
These limits are in place as a precaution and will automatically lift.
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: