Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #TMobile

T-Mobile’s Data Breach Is Real And Worse Than You Imagined

T-Mobile storefrontAlastair Pike/AFP/Getty Images

Earlier this week, T-Mobile confirmed news and reports that the company had been hacked and experienced a wide customer data breach. And while the company’s findings show not all 100+ million customers are affected, it’s still bad news, and the details are going from bad to worse.

After confirming over 40 million customers’ user data was compromised, on Friday, the mobile carrier reported that hackers illegally accessed customer names, dates of birth, phone numbers, social security numbers, addresses, and even IMEI numbers for customer devices. This includes current, former, and potential customers, as well as postpaid users.

T-Mobile also said it had identified an additional 667,000 accounts of former customers that were accessed. This is bad news as hackers can easily use that info for identity theft, SIM swapping attacks to intercept secure two-factor logins, and other harmful activities.

So far, the number of affected customers is over 50 million. In a press release, the company said it’s taking immediate steps to help protect affected customers and is coordinating with law enforcement.

“We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack,” said the company. “While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve.”

The company has now opened a dedicated webpage full of information for customers. Here, T-Mobile users can find information on how to change their PIN or passwords or sign up for a complimentary 2-years of McAfee ID Theft Protection services. T-Mobile recommends postpaid customers change their PIN and have already alerted many users or reset it themselves.

via The Verge

Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Cory Gunther

T-Mobile confirms data breach affects over 47 million people


As part of its ongoing data breach investigation, T-Mobile has confirmed the enormity of the stolen information. Roughly 47.8 million current and former or prospective customers have been affected by the cyberattack on its systems, the carrier confirmed on Wednesday. Of that number, about 7.8 million are current T-Mobile postpaid accounts and the rest are prior or potential users who had applied for credit, the company added in a press release

Worryingly, the data includes some personal information including the first and last names, date of birth, SSN, and driver’s license/ID information for a “subset of customers.” So far, T-Mobile said it does not have any indication that the stolen files contain phone numbers, account numbers, passwords or financial information.

What’s more, the company said about 850,000 active T-Mobile prepaid customers also had their names, phone numbers and account PINs exposed. The affected users do not include Metro by T-Mobile, former Sprint prepaid, or Boost users and T-Mobile said it has reset the PINs on these accounts. In addition, it claimed that “some additional information” from inactive prepaid accounts was accessed through prepaid billing files.

The findings from the carrier’s preliminary analysis come just days after it was notified of a data breach. Initially, it was reported that a member of an underground forum claimed to have obtained the data for over 100 million T-Mobile customers. The culprit was reportedly selling information of about 30 million T-Mobile customers for about $270,000 in Bitcoin. 

As part of its compensation and mitigation efforts, T-Mobile is offering affected customers two years of McAfee’s ID Theft Protection Service; recommending all postpaid users change their PIN; and setting up an online resource page. T-Mobile said that it began coordination with law enforcement on Tuesday as its investigation into the data breach — the third such attack it has suffered in the past two years — continues.

Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Saqib Shah

T-Mobile confirms unauthorized access to ‘some’ data


Following reports of a data breach over the weekend, T-Mobile has confirmed it’s investigating a cybersecurity incident. In an update published on Monday, the company said someone gained unauthorized access to its computer systems, but that it has yet to determine if any customer data was stolen.

“We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed,” the carrier said.

When Motherboard first broke the news of the data breach on Sunday, the information of about 30 million T-Mobile customers was on sale on the dark web for about $270,000 in Bitcoin. A hacker told the outlet they had obtained social security and IMEI numbers connected to more than 100 million people. As of the second quarter of 2021, T-Mobile had 104.7 million subscribers. The carrier said it could not “confirm the reported number of records affected or the validity of statements made by others” until it completes its investigation. Once it knows more about the situation, T-Mobile promises to proactively contact customers.

Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Igor Bonifacic

T-Mobile’s Latest ‘Free’ Phone Deal A Scam?

OK. It’s ‘technically’ still a free phone when you Trade-In your old phone. You still get an $800 total credit on an $800 phone. But the way they credit your account will make your bill go UP each month!

So from the initial offer, it seems straightforward. You sign up for 24 monthly payments on an $800 phone. They give you 24 monthly credits equal to the payment. So, the payment each month is $33.34 and you get a credit for $33.34, so the net cost would be $Zero. You’d think, right?

Not so fast. That would make sense, so of course, that’s not how they do it.

First Your Trade-In Must Qualify – Mine phone DID, so I THOUGHT I was all set.

Assuming your phone qualifies (mine is an S10+ so it qualified for the full $800 credit), the ‘catch’ comes down in the last item #3.

So this is where T-Mo gets tricky. Lets say your phone is worth $200.

You have to sign a contract for 24 months at $33.34. $800 total.
When they receive your trade-in, they initiate 24 monthly credits to your account.
To calculate the monthly credit, they subtract the $200 value of your old phone from the $800 price =$600.
Then they divide $600 by 24 months to get your monthly credit of $25
They also give your a ONE-TIME credit for $200 applied directly to your account.
Your bill is now $8/ month higher because you are being charged $33 and getting a credit for $25 ($33-25=8) for the next 24 months.
The $200 credit they apply doesn’t reduce the amount you owe or the monthly payment amount, it’s just a one-time credit applied to your account in general, and…and this is important, not against the equipment contract.

So: In my case, my bill is currently $140 so it will go up to $148 for 24 months
They apply a $200 credit, so the first month T-Mobile OWES ME $52 ($200-148=52) and I pay NOTHING. I still have $52 credit.
The next month, I pay $96. $148 less the $52 credit. ($148-52=96)
After that, the next 22 months I’m stuck paying $8 more, $148 each month.

While all this is confusing and likely very BAD for T-Mobile’s business, the way they EXPLAIN it is even worse. It took me over 7 hours between text messages and voice calls with supervisors to HOPEFULLY get them to understand and HOPEFULLY get my account setup to be a $33 charge and a $33 credit each month. They PROMISED it was all set. They also processed a credit for $1600 to my account, so I really had no idea what would REALLY happen when I signed the contract. I signed it anyway in total frustration.

So I guess I’ll find out eventually how this turns out. Fingers crossed. 🤞