For what feels like the 70th time, hackers have struck at T-Mobile USA. This time, however, the unauthorized access is not a conflagration: while 37 million customers were affected by a cyber attack on T-Mobile USA at the beginning of the year, this time it is probably “only” 836. The consequences for these victims are great.
The tapped data varies from customer account to customer account and, in addition to the T-Mobile PIN, can contain the social security number (SSN), which is particularly important in the USA, as well as ID data, name, address, date of birth, telephone numbers, customer number, account balance and internal codes. T-Mobile has blocked the affected PIN and sent a form letter to the affected customers – but only more than a month after the company recognized the hack.
The unknown perpetrators had access to T-Mobile’s systems from February 24 to March 30. The burglary was discovered on March 27th. This works out from information published by the Main State Department of Justice. In its serial letter, T-Mobile describes the process euphemistically: According to this, its own alarm systems “worked as intended”; T-Mobile was “able to determine that an attacker had gained access to limited information on a small number” of customer accounts between (sic) February and March.
A paragraph from the letter T-Mobile USA is using to notify affected customers.
(Image: T-Mobile/Daniel AJ Sokolov)
8th or 9th hack in five years
T-Mobile’s customer data seems to be particularly frequently affected by hacks. For the past five years, the company has admitted to more than one hack a year. Bleeping Computer counts eight incidents Techcrunch neunand we’ve lost count now.
The data is particularly valuable, as it can be used to take out loans, open bank accounts, place orders, and so on in someone else’s name. US social security numbers are generally valid for life and are not intended to change once compromised. In addition, the captured data can be used as a starting point for well-crafted spearphing attacks.
T-Mobile has blocked the compromised PIN and is offering victims two years to pay for a service provided by the North American credit rating company Transunion. This service is intended to draw attention to when certain financial transactions are made and continuing obligations are entered into on behalf of a person. For the respective real person, however, such transactions can then become a running of the gauntlet. heise security has asked T-Mobile USA for a statement and more detailed information on the perpetrator’s course of action.
Since the beginning of April, T-Mobile USA has been 50.2% owned by Deutsche Telekom (DTAG). The German network operator has even more voting rights at T-Mobile, namely 53.9 percent.
(ds)
