SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    T-Mobile hacked AGAIN … data stolen from 37 million customers
Go
New
Find
Notify
Tools
Reply
  
T-Mobile hacked AGAIN … data stolen from 37 million customers Login/Join 
Baroque Bloke
Picture of Pipe Smoker
posted
“Around 37 million T-Mobile customers have had their personal data stolen after an 'unidentified malicious intruder' hacked the mobile giant's network - its second major security beach in just two years.

The company told the Security and Exchange Commission the breach was discovered on January 5 and said the data stolen included customers' addresses, phone numbers and dates of birth.

Based on its investigation to date, the breach did not expose passwords, Pins, bank account or credit card details, Social Security numbers or other government IDs.

The firm said it had notified law enforcement and federal agencies, stating the data was first accessed on or around November 25.
……

'Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,' the company said, adding it had begun notifying impacted customers. …”

[I haven’t been notified … so far…]

https://mol.im/a/11656571



Serious about crackers
 
Posts: 9693 | Location: San Diego | Registered: July 26, 2014Reply With QuoteReport This Post
Thank you
Very little
Picture of HRK
posted Hide Post
Same here no notice yet...
 
Posts: 24660 | Location: Gunshine State | Registered: November 07, 2008Reply With QuoteReport This Post
Nullus Anxietas
Picture of ensigmatic
posted Hide Post
I believe this would be the third major breach in recent history.

I like TMO as a wireless carrier, but, this is appalling.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26031 | Location: S.E. Michigan | Registered: January 06, 2008Reply With QuoteReport This Post
Member
posted Hide Post
I've been receiving text messages from T-Mobile about new promotions to reduce my monthly charges. I replied and almost fell for their scam. The scammers used the same text address, 456, as T-Mobile. Beware.
 
Posts: 1036 | Location: Central Ohio | Registered: January 05, 2018Reply With QuoteReport This Post
Member
posted Hide Post
This is why I give out as little info as possible. Why does a cell service need your DOB?
I remember in very old days Bell would only need an name and address.
 
Posts: 1639 | Location: Lehigh County,PA-USA | Registered: February 20, 2005Reply With QuoteReport This Post
Member
Picture of konata88
posted Hide Post
People really need to be held criminally liable and accountable each time this occurs.




"Wrong does not cease to be wrong because the majority share in it." L.Tolstoy
"A government is just a body of people, usually, notably, ungoverned." Shepherd Book
 
Posts: 13216 | Location: In the gilded cage | Registered: December 09, 2007Reply With QuoteReport This Post
Peace through
superior firepower
Picture of parabellum
posted Hide Post
It seems to me that- as weird as it sounds- the size of the breach is the only protection we have. If the thieves had managed to steal, say 2000 names, then the odds are very good that a customer is going to have a problem, but 37 million?


____________________________________________________

"I am your retribution." - Donald Trump, speech at CPAC, March 4, 2023
 
Posts: 110033 | Registered: January 20, 2000Reply With QuoteReport This Post
I Deal In Lead
Picture of Flash-LB
posted Hide Post
quote:
Originally posted by TRIO:
This is why I give out as little info as possible. Why does a cell service need your DOB?
I remember in very old days Bell would only need an name and address.


I've had cell service through Verizon and ATT and nobody ever asked me for a birthdate.
 
Posts: 10626 | Location: Gilbert Arizona | Registered: March 21, 2013Reply With QuoteReport This Post
Optimistic Cynic
Picture of architect
posted Hide Post
quote:
Originally posted by parabellum:
It seems to me that- as weird as it sounds- the size of the breach is the only protection we have. If the thieves had managed to steal, say 2000 names, then the odds are very good that a customer is going to have a problem, but 37 million?
"Lost in the noise" is not regarded as an effective security measure. It may well be that the perpetrators of the breach intend to sell the data to others to exploit, perhaps in blocks of no more than 2,000 names per transaction.

I've been spending a lot of time in various medical provider's vicinities lately, it is almost universal that the DoB is used as an identity confirmation, knowing name+DoB is enough to gain access to medical records, etc. in most cases.
 
Posts: 6933 | Location: NoVA | Registered: July 22, 2009Reply With QuoteReport This Post
His Royal Hiney
Picture of Rey HRH
posted Hide Post
I haven't received any notice for this or the last one from T-Mobile. I only heard about the hack from this thread.



"It did not really matter what we expected from life, but rather what life expected from us. We needed to stop asking about the meaning of life, and instead to think of ourselves as those who were being questioned by life – daily and hourly. Our answer must consist not in talk and meditation, but in right action and in right conduct. Life ultimately means taking the responsibility to find the right answer to its problems and to fulfill the tasks which it constantly sets for each individual." Viktor Frankl, Man's Search for Meaning, 1946.
 
Posts: 20257 | Location: The Free State of Arizona - Ditat Deus | Registered: March 24, 2011Reply With QuoteReport This Post
Experienced Slacker
posted Hide Post
Maybe I should be more pissed off about this, but I am just worn out from living in a post-privacy civilization for so long.
Had to go to the "local" IRS office a few years back to straighten out my identity because a former employer got hacked. Big pain in the ass that was totally out of my control.

Lie whenever possible about as much as you can when signing up, keep several silos of emails, use a good password manager and two-factor authorization. That's life now.
 
Posts: 7550 | Registered: May 12, 2004Reply With QuoteReport This Post
Member
posted Hide Post
quote:
Originally posted by Rey HRH:
I haven't received any notice for this or the last one from T-Mobile. I only heard about the hack from this thread.

Nor did I, I called T-Mobile customer service yesterday when I suspected the scam even though the scammer knew my monthly payment to the penny. CS told me there were no promotions for reduced billing, CS didn't say there was a data breach.
 
Posts: 1036 | Location: Central Ohio | Registered: January 05, 2018Reply With QuoteReport This Post
Down the Rabbit Hole
Picture of Jupiter
posted Hide Post
quote:
Originally posted by parabellum:
If the thieves had managed to steal, say 2000 names, then the odds are very good that a customer is going to have a problem, but 37 million?


That comes out to be 1 customer for every scam artist in India. Smile


Diligentia, Vis, Celeritas

"People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf."
-- George Orwell

 
Posts: 4955 | Location: North Mississippi | Registered: August 09, 2002Reply With QuoteReport This Post
Back, and
to the left
Picture of 83v45magna
posted Hide Post
I just tried to login to T Mobile's site and the site works but login appears to be down.
'Service Unavailable.
'F451 : Uh-oh, it looks like we have our wires crossed. Please try again later.' it says. I tried it 3x.
 
Posts: 7483 | Location: Dallas | Registered: August 04, 2011Reply With QuoteReport This Post
Fire begets Fire
Picture of SIGnified
posted Hide Post
quote:
Originally posted by parabellum:
It seems to me that- as weird as it sounds- the size of the breach is the only protection we have. If the thieves had managed to steal, say 2000 names, then the odds are very good that a customer is going to have a problem, but 37 million?


I’m not an expert in this field, but I don’t think the volume matters anymore. In the most benign manner, these are sold as lists on the black market.

Black hats just run bots/programs against the lists.

Of course you could run some quick analytics on the data and come up with smarter/refined target lists.

I’m sure this stuff gets used in ways I’ve never even dreamed of. Frown





"Pacifism is a shifty doctrine under which a man accepts the benefits of the social group without being willing to pay - and claims a halo for his dishonesty."
~Robert A. Heinlein
 
Posts: 26758 | Location: dughouse | Registered: February 04, 2003Reply With QuoteReport This Post
Down the Rabbit Hole
Picture of Jupiter
posted Hide Post
quote:
Originally posted by SIGnified:
quote:
Originally posted by parabellum:
It seems to me that- as weird as it sounds- the size of the breach is the only protection we have. If the thieves had managed to steal, say 2000 names, then the odds are very good that a customer is going to have a problem, but 37 million?




I’m not an expert in this field, but I don’t think the volume matters anymore. In the most benign manner, these are sold as lists on the black market.

Black hats just run bots/programs against the lists.

Of course you could run some quick analytics on the data and come up with smarter/refined target lists.

I’m sure this stuff gets used in ways I’ve never even dreamed of. Frown


I agree.
Anyone sophisticated enough to hack T-Mobile could certainly automate the processing of this information.
I suspect many of these data breaches come from insider information. We can thank the geniuses responsible for outsourcing our IT for this. Roll Eyes


Diligentia, Vis, Celeritas

"People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf."
-- George Orwell

 
Posts: 4955 | Location: North Mississippi | Registered: August 09, 2002Reply With QuoteReport This Post
  Powered by Social Strata  
 

SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    T-Mobile hacked AGAIN … data stolen from 37 million customers

© SIGforum 2024