T-Mobile announced last week that an unidentified malicious intruder entered its network in late November and stole data on 37 million customers.
The intruder was able to obtain customer information between November 25, 2022 and January 5, 2023. T-Mobile said customer accounts and finances are not directly at risk and there is no evidence that they have compromised T-Mobile’s network or systems. .
T-Mobile said the information obtained for each customer varies but may have included full names, dates of birth, phone numbers, billing addresses, email addresses, and account and line information (such as billing account numbers, the codes of tariff plans and features, and the number of lines on the account).
Passwords, social security numbers, payment methods, and usage or call records were not affected by the breach, according to T-Mobile. No account changes or charges were detected.
“My Corporate Oversight Division is closely monitoring this developing situation and working to gather more information about the cause, the impact on Michigan customers, and the response,” the Michigan Attorney General said. Dana Nessel. “It is important that consumers remain diligent in protecting their information. Personal information that does not appear particularly sensitive can be used by identity thieves as a gateway to more sensitive information and is susceptible to use in phishing attacks.
Michigan AG Dana Nessel said customers should watch out for suspicious emails, text messages or phone calls following the data breach.
“There are many ways bad actors can take advantage after a breach. If you get a call from someone who has urgent or financial requests, asks for your personal information, or asks you to pay in unusual ways, it’s likely a scam,” Nessel said. “Never give out credit card numbers, bank account information, social security number, or other personal information to anyone who calls you. You can call my office at any time to verify the veracity of the caller.
In 2022, T-Mobile has settled a class action lawsuit and agreed to pay customers $350 million after breaching the Social Security numbers and other identifying information of 80 million US residents.
Order a free credit report
According to at the FTCeveryone has the right to obtain a free credit report every 12 months from each of the three national credit bureaus.
Until December 2023, everyone in the United States can get a free credit report each week from each of the three credit bureaus at annualcreditreport.com. Everyone can get six free credit reports a year from Equifax until 2026. This is in addition to the free Equifax report.
Here’s how to get your free credit reports:
Warning: annualcreditreport.com is the only true free credit report website. Misspelling this site or using another website with similar words will lead you to a website that will attempt to sell you something or collect your personal information.
By email: To fill this form and mail it to the address given
By telephone: Call 877-322-8228
Steps to take if your data has been hacked
Thieves use stolen personal information to commit identity theft.
Officials estimate that, on average, there is an identity theft victim in the United States every two seconds.
If your personal information has been exposed, you should take the threat seriously and take steps to protect yourself.
Michigan suggests the next steps to respond to a data breach:
Put a fraud alert on your credit report: A fraud alert is a free alert, or flag, that is placed on your credit report when you notify a credit reporting agency that your information may have been compromised. This alert will make it more difficult for anyone to open an account in your name.
Consider a security freeze on your credit file: A security freeze or credit freeze is something you ask a credit reporting agency to restrict access to your credit report. This makes it more difficult for identity thieves to open new accounts in your name, as most creditors will require to see your credit report before approving new credit. If a creditor can’t see your file, they shouldn’t extend credit. A credit freeze does not prevent all third parties from seeing your report.
Credit monitoring: Credit monitoring is a service that tracks your credit file and alerts you whenever a change is made. This gives you the opportunity to confirm the accuracy of the edit and, if necessary, to challenge any inaccuracies. The specifics of any service will depend on the provider; however, most advertise that they will notify you within 24 hours of any changes to your credit report.
Take advantage of all the free services offered as a result of the breach: Take advantage of any unconditional, free subscription to any credit monitoring, fraud resolution, or other service designed to protect and help you. Before accepting a free subscription that is offered to you as a result of a security breach, carefully review all the conditions imposed on your acceptance of this subscription. For example, will you be charged after a short free period, or will you only get the free subscription if you waive your right to further legal recourse?
Use two-factor authentication: For accounts that support it, two-factor authentication requires both your password and additional information to sign in to your account. The second coin can be a code sent to your phone, or a random number generated by an app or a token (a physical object in the possession of the user). This protects your account even if your password is compromised.
If you need to file a consumer complaint with the Michigan Attorney General, you can Click here — If you have any questions, you can call 877-765-8388.
You can find more information on how to respond to a data breach by reading Nessel’s “Data breaches: what to do next? Consumer Alert” article.
Copyright 2023 by WDIV ClickOnDetroit – All Rights Reserved.