What would 2020 be without one last piece of bad news? With two days left before 2020 ends T-Mobile gets hit with another data breach. According to AndroidPolice, the T-Mobile data breach operation was shut down by the company.
However, the breach may have harvested a small group of customers’ phone numbers, the number of lines per account, and call diagnostic metrics. It seems 2020 just will not give the world a little breather.
The event happened in November but customers were notified just yesterday via text. Even though customers were notified a month later it could have been worse. T-Mobile could have tried to hide the data breach like someone at Uber tried to.
T-Mobile says the hackers did not gain access to any personally revealing information. Information like names associated with accounts, financial data, credit card information, social security numbers, passwords, PINs, or physical or email addresses did not get accessed.
Unfortunately, there is some bad news. Although personal information like names and addresses were not accessed call diagnostic metrics were. These metrics can and may include call location data. The FCC defines this information as customer proprietary network information. This information contains information such as tower IDs and even granular information from a user’s device
This T-Mobile data breach is the second one this year
Luckily, it seems that the scope and severity of the breach are minimal this time around. Normally attacks like this go unreported. However, T-Mobile is affected at least once a year when it comes to data breaches.
This breach marks the second one of 2020 for the Uncarrier. Earlier this year in March T-Mobile announced a data breach which was, unfortunately, the third such breach in three years. The T-Mobile data breach in March gained access to some T-Mobile employee email accounts.
Thankfully the company was able to identify and end that attack against its email vendor. The attackers used employees’ emails to access customer names, addresses, and phone numbers. A lot of leaks happen regardless of the steps taken to ensure they don’t happen. Many times carriers suggest changing PIN numbers associated with a user’s account to protect against any further data leaks.
The end of the year is right around the corner, but this hellacious year just will not leave us alone. 2020 has seen a focus on privacy practices used by big tech companies, and how to protect users’ data. The big tech companies have also been charged with various anti-trust lawsuits, so it is safe to say that 2021 can’t get here quick enough.