The extent of T-Mobile’s recent data breach is far greater than previously reported

The extent of T-Mobile's recent data breach is far greater than previously reported

While T-Mobile is certainly no stranger to data breaches, being the victim of several different cyberattacks with varying degrees of gravity over the last few years alone, the latest such security issue seems to be hands down the biggest and most far-reaching snafu ever experienced by the “Un-carrier.”

Another 6 million accounts or so had information “illegally accessed”

Basically, T-Mo is today adding 5.3 million current postpaid customer accounts to an existing tally of “approximately” 7.8 million subscribers while “only” increasing the “about” 40 million former or prospective customers impacted by the cyberattack with 667,000 accounts of ex-customers newly labeled as compromised.

All irony and (valid) criticism aside, there’s a very important distinction to be made between the 47.8 million people initially confirmed as victims of this massive breach and the additional 6 million or so current and former T-Mobile subscribers further identified as part of the same unfortunate group.

Specifically, while the first batch of compromised accounts and data files included everything from first and last names to birth dates, Social Security numbers (SSNs), and driver’s license/ID information, this second and considerably smaller group of people apparently did not have any SSNs or driver’s license/ID info stolen without their knowledge.

That’s… somewhat comforting, although it still leaves all the other stuff in danger of falling into the wrong hands. What’s worse is that T-Mo can now confirm that phone numbers, as well as IMEI and IMSI information, were also compromised for all 13.1 million current postpaid accounts so far identified as targets of the attack.

As explained by the “Un-carrier” in its latest update of the very delicate situation on the company’s official website, IMEI and IMSI are the “typical identifier numbers associated with a mobile phone”, which combined with everything else, make this a fiasco of colossal proportions.

What happens now for T-Mobile?

The obvious first answer to that question is that the investigation into the author and extent of the data breach is set to “continue for some time”, which means that the numbers detailed above could well continue to surge for “some time.”

The silver lining in T-Mo’s investigation so far is that no financial information has been deemed as “compromised” or breached in any way, and while new revelations could surface at any point, it seems unlikely that a discovery so important will be made later in the course of said investigation.

Perhaps more worryingly for investors, T-Mobile share value dropped no less than $5.3 billion in the days following the initial data breach report, with significant customer losses also predicted for the next couple of quarters as a direct result of the “reputational damage inflicted” by the cyberattack. 

Speaking of customers, Magenta claims to have sent “communications to millions” of people, providing support in “various ways”, the most notable of which is probably an offer of two free years of McAfee ID Theft Protection Service for “any person who believes they may be affected.” That’s definitely… something, but it won’t be enough to keep the FCC satisfied or those subscriber gains going.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button