T Mobile

T-Mobile Hacked: 37 Million Users’ Data Breached

T-Mobile announced a fresh data breach after a threat actor used one of its Application Programming Interfaces to steal personal data from 37 million active postpaid and prepaid customer accounts (APIs).

A software interface or mechanism known as an API is frequently used by programs or computers to communicate with one another.

Many online web services employ APIs so that, as long as the proper authentication tokens are supplied, their online apps or external partners can get internal data. T-Mobile did not disclose the specifics of how their API was abused, but threat actors frequently discover holes that let them access data without first authenticating.

New T-Mobile Data Breach Impacts 37 Million Accounts

On Thursday, T-Mobile disclosed that the hacker began accessing the vulnerable API to steal data around November 25, 2022. On January 5, 2023, the mobile carrier discovered the malicious behavior and one day later blocked the attacker’s access to the API.

According to the organization, the API that was misused in this security compromise did not give the attacker access to the affected customers’ social security numbers, tax identification numbers, passwords, PINs, payment card information (PCI), or other financial account information. The compromised API, according to T-Mobile, can only give a restricted range of user account information, such as name, billing address, email, phone number, date of birth, T-Mobile account number, and details like the number of lines on the account and plan features.

In a second news statement, the business referred to the information acquired in this incident as “basic client information.”

T-Mobile has informed U.S. government agencies about the issue and is currently collaborating with law enforcement to look into the security hole.

Customers who may have had their highly sensitive personal information stolen as a result of this breach have also been notified by the carrier. There is currently no proof that the bad actor was able to infiltrate or compromise our systems or our network, according to T-Mobile, which added that although its investigation is still underway.