T-Mobile ends 2020 on a decidedly low note with yet another big 'security incident'
UPDATE: Shortly after publishing our original story below, T-Mobile's media relations department has reached out to share a very encouraging number highlighting the relatively small scale (in the grand scheme of things) of this newly revealed security breach.
While Magenta isn't willing to go so far as to explicitly confirm the exact number of users directly impacted by the incident, the wireless service provider is only "notifying less than 0.2%" of its customers about the issue detailed earlier today.
That's not nothing, mind you, given that said customer base recently jumped over the 100-million mark, possibly equating to around 200,000 people across the nation. But it's also not a debacle in any way similar to the absolutely massive network outage from last summer.
##
Alas, the "Un-carrier" also suffered several setbacks of a technical and security nature in the last 12 months, making plenty of shameful headlines due to a huge nationwide outage in June and receiving a little bit of negative media attention in March as well for a data breach of much smaller proportions.
Said "security event" closely followed a similar incident from late last year, and unfortunately, a whole bunch of T-Mo customers have reportedly just been alerted of yet another such issue. Needless to say that's not the kind of text message one would hope to get on the eve of, well, New Year's Eve, but at the same time, it's always wise to be honest and transparent about these things.
On that note, Magenta has already set up a dedicated webpage detailing exactly what type of information was compromised, and perhaps more importantly, what was not unlawfully accessed in this latest data breach.
Your most sensitive and precious information is (probably) safe
Fortunately, it looks like you don't have to worry about names on T-Mobile accounts, physical or email addresses, financial data, credit card info, social security numbers, tax ID, passwords, or PINs potentially falling into the wrong hands (at least as a result of this particular cyber attack).
Instead, all that an unnamed group of hackers was able to obtain is "customer proprietary network information (CPNI) as defined by the Federal Communications Commission (FCC) rules." That may include phone numbers, as well as the number of lines associated to certain accounts, and in "some cases", call-related information gathered "as part of the normal operation of your wireless service."
In other words, this security incident was slightly less serious than a few similar breaches reported in the recent (and not-so-recent) past, including by T-Mobile's competition. Still, in an ideal world, these things would never happen, and in any world, it's important to treat each and every potentially dangerous situation with the utmost seriousness.
All that being said, you should keep in mind that those who haven't received a security alert text from T-Mo in the last 24 hours or so were most likely never affected by the data breach in the first place, which is said to have gone down at some point last month.
Things that are NOT allowed: