An American wireless network operator, T-Mobile, recently revealed that a data breach incident on their systems had affected over 37 million customer accounts. The telco firm disclosed details of the incident to the US SEC, explaining that malicious actors began their hack last January 5.
The minute that the telco firm identified the malicious access on their systems, T-Mobile’s security team, alongside external cybersecurity analysts, was able to trace the source and obstruct it.
Based on the released statement, the threat actors began their operation by leveraging an insecure T-Mobile API without authorisation. This malicious activity is said to have started in the latter weeks of November 2022, with the hackers furtively retrieving data from the telco firm.
The telco firm assured that there is no identified evidence of misuse of the compromised data.
T-Mobile’s investigations of the security incident are still underway. However, the company said they had already fully contained the malicious activity. There was no evidence of data misuse by the bad actors, their systems were not breached, and financial data had not been compromised.
Unfortunately, it seemed that the abused API allowed the hackers to obtain customer data, including full names, addresses, email addresses, and phone numbers. Thus, all affected customers were promptly notified about the issue, warning them to be extremely cautious of potential attacks.
The company was also concerned about the possible significant expenses the incident could incur. Experts have observed a 2% decline in the telco firm’s after-hours trading shares, possibly linked to the recent security incident.
Last July 2022, T-Mobile agreed to pay $350 million to the victims of a previous security incident in their company. The telco firm also paid another $150 million to settle a class-action lawsuit against them due to a data breach that affected more than 76.6 million customers.
Despite the company’s doubled efforts to improve its cybersecurity, threat actors have still been finding ways to infiltrate their servers, this time by leveraging an insecure API.
This recent security incident encourages all affected T-Mobile customers to submit their settlement claims before January 23 at midnight Pacific Time. Customers must also closely monitor their accounts for suspicious activities possibly performed by threat actors.