On Aug. 18, 2021, T-Mobile—a well-known telecommunication company—shared that it had experienced a major data breach. This incident is the company’s fourth confirmed data breach since the beginning of 2020. During this breach, cybercriminals compromised personal information linked to more than 40 million current, previous and prospective T-Mobile customers. Keep reading to learn more about the incident and T-Mobile’s response.

Data Breach Details

According to T-Mobile, the company first realized that cybercriminals had hacked into its servers the week before the breach was revealed to the public. During this time, the cybercriminals gained access to a range of company data—including existing, prior and potential customers’ personal information. That weekend (Aug. 14-15), the cybercriminals began trying to sell this information online for over $250,000 in bitcoin.

While the cybercriminals initially claimed to have exploited nearly 100 million individuals’ personal information, T-Mobile confirmed that the actual number is closer to 48 million—which still represents a significant chunk of the company’s customer base. Breaking down this number, T-Mobile explained that the breach ultimately compromised sensitive account information from approximately 7.8 million current customers and 40 million past or prospective customers. This information includes:

  • First and last names
  • Dates of birth
  • Social Security numbers
  • Driver’s license information

In addition, T-Mobile shared that 850,000 customers who were enrolled in prepaid services also had their phone numbers and account PINs exposed. Fortunately, the company asserted that no individuals’ financial records or payment information were compromised.

How T-Mobile Is Responding to the Breach

T-Mobile is currently working with the proper authorities to conduct a full forensic investigation of the incident. The company is also in the process of notifying all individuals who had their information exposed. To support those affected by the breach, T-Mobile is:

  • Providing impacted individuals with two years of identity theft protection services at no cost
  • Implementing extra security measures to help customers better safeguard their T-Mobile accounts
  • Encouraging all existing customers to proactively update their T-Mobile account passwords and PINs
  • Developing a new page on its website detailing the company’s response to the breach and additional actions individuals can take to protect themselves

For Extra Protection

To further mitigate their risks of experiencing identity theft or other forms of fraud from this breach, impacted individuals should put a temporary freeze on their credit files by contacting each of the following three major credit bureaus:

  1. Equifax (800-685-1111)
  2. Experian (888-397-3742)
  3. TransUnion (888-909-8872)

For additional risk management guidance and insurance solutions, contact us at Neckerman Insurance Services today.

© 2021 Zywave, Inc.