T-Mobile has now announced a new data breach involving customer information, marking the third such breach in the past three years. This breach stemmed from a slightly different underlying issue, however. Specifically, the company says that it was able to identify and bring an end to a malicious attack against its email vendor. The attack ultimately gained access to some T-Mobile employee email accounts.
The bad actors accessing the emails were able to gain access to certain details concerning both end-users and employees. That "may have included" customer names and addresses as well as phone numbers. But it also may have included account numbers and details such as rate plans and features, in addition to billing information.
The details do not include financial information. So customers' credit card details and social security numbers have not been impacted. The company also doesn't indicate that log-in details such as passwords have been leaked.
T-Mobile got lucky for the third time in three years
Now, T-Mobile also suffered a customer data breach as recently as November of last year. In the prior year, the company suffered yet another that impacted as many as two million customers. In the first case, no "sensitive" details were leaked and the breach mostly impacted prepaid users.
Similar circumstances hold over for the breach two years back. Customers' names, billing zip codes, phone numbers, email addresses, and account numbers were breached. In both instances, as with the most recent breach, no sensitive information was compromised. So no social security numbers, passwords, or credit card details were leaked.
While T-Mobile isn't the only carrier to suffer breaches or even frequent breaches, it does seem to be extremely lucky here. In each case, the malicious actors involved managed to fail to gain access to passwords social security numbers, or credit card information. The details that have been leaked are still relatively sensitive but the undergirding impact of the breaches is less than it might otherwise be.
How do you protect your account?
As noted above and by T-Mobile, "information accessed illegally may have included names and addresses, phone numbers, account numbers, rate plans and features, and billing information." The company says that no log-in credentials or financial details were leaked, those details that did leak can still be misused.
The carrier hasn't provided any details about the exact figures for how many users may have been compromised.
Regardless, T-Mobile indicates that now would be a good time to update a given account's PIN. It may be a good idea to change any passwords too. That's especially true where passwords are kept the same across multiple sites and services. Users should also be aware that those breached details can lead to and enable further breaches and phishing attacks.
T-Mobile hasn't said that those secondary malicious uses of the data have occurred. But long periods between breaches and attacks are not uncommon so it isn't guaranteed that won't happen in the future. In the interim, the company says it has informed law enforcement and is actively cooperating in investigations.