This podcast episode discusses T-Mobile’s latest breach – the third in less than three years – in which a malicious actor stole personal data from 37 million customer accounts.
T-Mobile disclosed another data breach last week that affected the personal data of approximately 37 million customer accounts.
The mobile operator said last Thursday that a “bad actor” had used a single API to obtain personal data from customer accounts. According to its disclosure, T-Mobile found no evidence that the threat actor compromised its network or systems. However, the actor obtained a significant amount of personal information about clients.
“Some basic customer information (almost all of the type widely available in databases or marketing directories) was obtained, including name, billing address, email, phone number, date of birth, account number, and information such as line count on account and service plan features,” the disclosure read.
This latest hack marks at least the third breach for the telecoms giant in the past three years. In early 2022, the Lapsus$ threat group stole the company’s source code. In mid-2021, a malicious actor stole the account details of around 40 million T-Mobile customers.
In this episode of Risk and repetition podcast, TechTarget editors Rob Wright and Alex Culafi discuss the T-Mobile breach as well as its ramifications for the company.
To subscribe to Risk and repetition on Apple Podcasts.
Alexander Culafi is a Boston-based writer, journalist, and podcaster.