To close out the year, U.S. telecommunications giant T-Mobile announced it had been hacked. In a notice, the company said its cybersecurity team had discovered and shut down malicious, unauthorized access to some information related to T-Mobile accounts.
According to the notice, the data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs. However, “customer proprietary network information (CPNI) as defined by the Federal Communications Commission (FCC) rules was accessed. The CPNI accessed may have included phone number, number of lines subscribed to on [user] account and, in some cases, call-related information collected as part of the normal operation of [user] wireless service.”
The cell carrier noted it had started an investigation as soon as the hack was discovered, with assistance from cybersecurity forensics experts, to determine what happened and what information was involved. T-Mobile also notified federal law enforcement as well as impacted customers.
In 2018, T-Mobile admitted hackers had breached its email systems, exposing names, billing zip codes, phone numbers, email addresses, account numbers and account types. In March 2020, the company also disclosed a security breach, affecting employee email accounts and user data.
Source: https://www.securitymagazine.com/articles/94267-t-mobile-hacked-again-hackers-accessed-customer-information
