T-Mobile customers may have experienced a moment of panic this week upon learning about a recent data breach. T-Mobile published a press release on Jan. 19, 2023, indicating that a "bad actor" had gained access to a number of customer accounts last fall. Was T-Mobile hacked, and what should customers do to protect themselves?
T-Mobile stated that it's "currently in the process of notifying impacted customers" after an unknown person obtained information using a single Application Programming Interface (API). Here's more about the types of information that may have been compromised, and how customers can protect their data moving forward.
T-Mobile explained that "limited" types of information were obtained by the hacker.
The company has already conducted what it called a "thorough investigation" to determine that someone had obtained customer information. According to T-Mobile, the compromised information included the following:
- billing address
- phone number
- date of birth
- account number
- number of lines on the account
- service plan features
T-Mobile attempted to soften the news by noting that most of these pieces of data are "widely available in marketing databases and directories." In other words, the hacker didn't obtain information they couldn't have gotten through legal means. T-Mobile also said the team stopped the issue within 24 hours.
Was any financial information compromised in the T-Mobile breach?
Fortunately, according to the company press release, no information that could be considered very sensitive was obtained by the hacker. T-Mobile said, "No passwords, payment card information, social security numbers, government ID numbers, or other financial account information were compromised."
As the company explained, the quick action helped ensure that none of the most private information about any customers was revealed. "Customer accounts and finances should not be put at risk directly by this event," the press release noted.
However, as CNN noted, the data that was obtained by the hacker could be combined with other "stolen or publicly available information and used by scammers to steal people’s identities or money."
T-Mobile also discussed the data breach in a regulatory filing on Jan. 19. The data breach occurred in November 2022, and the company is currently working to notify the customers who may have been affected. T-Mobile said that 37 million current customers of the wireless carrier may have had their data compromised.
Use these customer protection tips to keep your sensitive data safe.
As with any digital product, consumers must be vigilant about security to keep their information and financial accounts secure. With digital fraud and data breaches happening all the time, it's important to follow the standard precautions with your cell phone and other devices.
The Federal Trade Commission (FTC) offers some advice to consumers about how to protect themselves when using a wireless phone. The latest T-Mobile hack is a reminder of how important cybersecurity is.
Here are four key steps to protect your data:
- Lock your phone
- Update your phone's software automatically
- Back up data regularly
- Turn on features to locate a lost phone
Locking your phone can include setting up a strong PIN that you enter each time you use the phone (the FTC suggests at least six digits). You might also unlock your phone using retinal scan, facial recognition, or a fingerprint.
If possible, set up automatic software and app updates on your phone. Otherwise, regularly update them manually to ensure no security gaps.
Consider how much data you store on your cell phone, and be sure to back it up frequently to the cloud or your personal computer. In case of loss or theft, you won't lose all the information.
You might also be able to set up a "find my phone" feature. This can help you locate it, but also if it's lost or stolen, can enable you to lock or erase the phone to keep anyone else from gaining access.