T-Mobile suffers its fourth hack in less than three years – still “takes the security of your information very seriously”

Graham Cluley
@gcluley

T-Mobile has been hacked… again.

In an update on its website the wireless provider has published a “notice of security incident” (don’t you love the way companies try to find words to make their data breach notifications sound as dull as possible>).

In its advisory, T-Mobile says that its security team recently discovered that hackers had managed to access information related to T-Mobile accounts.

Sign up to our newsletter
Security news, advice, and tips.

Fortunately, according to the company, the breach did not expose names associated with accounts, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs.

But the unauthorised access did involve customer proprietary network information (CPNI), which “may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service.”

T-Mobile said it was sorry for any inconvenience that may have been caused for customers, and that it took “the security of customer information seriously.” Which was good of them to say, but woe betide if we ever had a data breach where the targeted company didn’t underline how seriously it took security.

Law enforcement agencies have been informed, and impacted customers are being impacted. Details have not been shared regarding how the hackers managed to gain access to the exposed customer information.

Of course, some may recall that this is far from the first time that T-Mobile has been hacked. Indeed, by my count this has been T-Mobile’s fourth data security breach in just the last three years:

March 2020 – T-Mobile reveals that hackers broke into employees’ email accounts and stole customer account information.

At the time, T-Mobile said “We take the security of your information very seriously…”

November 2019 – T-Mobile confirmed that more than one million prepaid customers were impacted by a breach which saw hackers access their names, phone numbers, billing addresses, T-Mobile account numbers, and details about rates and plans.

At the time, T-Mobile said “We take the security of your information very seriously…”

August 2018Hackers stole details of two million T-Mobile customers.

At the time, T-Mobile said “We take the security of your information very seriously…”

Fancy that. It’s almost as if they have a template all ready in case of a breach…

It’s good that this latest data breach at T-Mobile breach did not involve more sensitive information, although obviously everybody would have preferred if there hadn’t been any data breach at all.

One thing we can be certain of – T-Mobile still takes the security of your information very seriously.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

One comment on “T-Mobile suffers its fourth hack in less than three years – still “takes the security of your information very seriously””

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.