In a financial filing on Thursday, T-Mobile revealed that a hacker accessed a trove of personal data belonging to 37 million customers.
The telecom giant said that the “bad actor” started stealing the data, which includes “name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features,” since November 25.
In the SEC filing, T-Mobile said it detected the breach more than a month later, on January 5, and that within a day it had fixed the problem that the hacker was exploiting.
The hackers, according to T-Mobile, didn’t breach any company system but rather abused an application programming interface, or API.
“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” the company wrote.
This is the eighth time T-Mobile was hacked since 2018. The most recent incident was in 2022, when a group of hackers known as Lapsus$ were able to gain access to the company’s internal tools, which gave them the chance to carry out so-called SIM swaps, a type of hack where hackers take over a victim’s phone number and then try to leverage that to reset and access the target’s sensitive accounts such as email or cryptocurrency wallets.
T-Mobile has 110 million U.S. customers. A spokesperson for T-Mobile did not respond to a request for comment.
https://techcrunch.com/
Australian software giant Atlassian and Envoy, a startup that provides workplace management services, were at loggerheads on Thursday over a data breach that exposed the data of thousands of Atlassian employees. As first reported by Cyberscoop, a hacking group known as SiegedSec leaked data on Telegram this week that it claimed to have stolen from Atlassian. This […]
In late April, police in Nebraska received a tip saying 17-year-old Celeste Burgess had given birth to a stillborn baby and buried the body. Officers soon learned that her mother, Jessica Burgess, and a friend had helped her with transportation and burial. The police issued citations for concealing the death of another person and false reporting. But […]
The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency. HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on […]
Leave a Reply