In August of 2021, T-Mobile shared that it had experienced a major data breach. This incident is the company’s fourth confirmed data breach since the beginning of 2020. During this breach, cybercriminals compromised personal information linked to more than 40 million current, previous and prospective T-Mobile customers. Keep reading to learn more about the incident and T-Mobile’s response.
Breach Details
According to T-Mobile, the company first realized that cybercriminals had hacked into its servers the week before the breach was revealed to the public. During this time, the cybercriminals gained access to a range of company data—including existing, prior and potential customers’ personal information. That weekend (Aug. 14-15), the cybercriminals began trying to sell this information online for over $250,000 in bitcoin.
While the cybercriminals initially claimed to have exploited nearly 100 million individuals’ personal information, T-Mobile confirmed that the actual number is closer to 48 million—which still represents a significant chunk of the company’s customer base. Breaking down this number, T-Mobile explained that the breach ultimately compromised sensitive account information from approximately 7.8 million current customers and 40 million past or prospective customers. This information includes:
- First and last names
- Dates of birth
- Social Security numbers
- Driver’s license information
In addition, T-Mobile shared that 850,000 customers who were enrolled in prepaid services also had their phone numbers and account PINs exposed. Fortunately, the company asserted that no individuals’ financial records or payment information were compromised.
Protecting Your Personal Data
While clients cannot do much to prevent companies from exposing their data, individuals of all ages spend a significant amount of time on tablets, laptops and other smart devices that they can protect. It’s critical that personal technology remains secure from cybercriminals and malware. After all, any device left unprotected could easily be targeted in a data breach, leading to compromised personal information and—in severe cases—identity theft.
To ensure your information isn’t accessed and exploited by cybercriminals, consider these personal device security tips.
- Protect your devices. Use a unique passcode, PIN, fingerprint lock or facial identification to keep devices as secure as possible.
- Don’t forget to log out. Always log out of mobile apps and websites when you’re done using them. If you don’t log out and someone gets access to your device, they could quickly locate and steal your login credentials or other personal information.
- Change Your Passcode Often. Employ a schedule for changing your password regularly and always change your password after any potential leak.
- Use Wi-Fi cautiously. Avoid connecting devices to public or unsecured (no password required) Wi-Fi networks. Use only legitimate, private networks—and never conduct financial business or access sensitive data while on public networks.
- Keep a remote backup of critical data. Back up any sensitive information to your computer or to a cloud-based service.
- Use an antivirus program. These programs provide enhanced security—safeguarding your apps, documents and other important files from being infected with malware before you open them.
Technology will always be a target for viruses and cyberattacks. Nevertheless, following these tips for securing your devices will help keep you (and your information) safer.
