Since February 2023, cybercriminals have had access to the personal information of hundreds of T-Mobile customers, again, this year's second data breach.
Unlike the previous breach, where millions of T-Mobile customers were affected, this time, it's only to the amount of 836 customers which exposes them to identity theft and phishing attacks. In its data breach notification communicated to the individuals affected on April 28, 2023, it said that the system in place alerted them about the unauthorized access to limited information of a small number of its customers.
T-Mobile also said the limited information does not include call recordings or financial information but more of personally identifiable information, exposing the affected customers to identity theft. The personal information could be the affected individual's name, account numbers associated with the phone number, SSN, government ID, date of birth, and internal communications of T-Mobile used for customer service. Immediately after the breach detection by T-Mobile, it proactively mitigated the situation by resetting the account PIN for the ones impacted and, along with that, offering two years of free credit monitoring and identity theft services from Transunion myTrueIdentity.
There have been a few other data breaches of T-Mobile, including the most recent one of this year on January 5, where they claimed the information stolen was just some basic information comprising of name, email address, phone number, billing address, date of birth, T-Mobile account numbers and the number of lines with the features in the respective account.