Threat actors gained access to the private data of 100 of customers of T-Mobile beginning in late February 2023 as a result of the second data breach of 2023.
Only 836 clients, in total, were affected by the security compromise. The company claims that the security breach had no impact on call history or information from personal bank accounts.
Depending on the customer, different information was obtained, but it could have included the following: full name, contact information, account number and related phone numbers, T-Mobile account PIN, social security number, government-issued ID, date of birth, balance owing, internal codes used by T-Mobile to service customer accounts (such as rate plan and feature codes), and the number of lines.
Source: https://securityaffairs.com/145590/data-breach/t-mobile-second-data-breach-2022.html
TPRM report: https://scoringcyber.rankiteo.com/company/t-mobile
"id": "tmo05529523",
"linkid": "t-mobile",
"type": "Breach",
"date": "04/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 836,
'industry': 'Telecommunications',
'name': 'T-Mobile',
'type': 'Telecommunications Company'}],
'data_breach': {'number_of_records_exposed': 836,
'personally_identifiable_information': True,
'type_of_data_compromised': ['full name',
'contact information',
'account number and related '
'phone numbers',
'T-Mobile account PIN',
'social security number',
'government-issued ID',
'date of birth',
'balance owing',
'internal codes used by T-Mobile '
'to service customer accounts',
'number of lines']},
'date_detected': 'late February 2023',
'description': 'Threat actors gained access to the private data of 100 '
'customers of T-Mobile beginning in late February 2023 as a '
'result of the second data breach of 2023. Only 836 clients, '
'in total, were affected by the security compromise. The '
'company claims that the security breach had no impact on call '
'history or information from personal bank accounts. Depending '
'on the customer, different information was obtained, but it '
'could have included the following: full name, contact '
'information, account number and related phone numbers, '
'T-Mobile account PIN, social security number, '
'government-issued ID, date of birth, balance owing, internal '
'codes used by T-Mobile to service customer accounts (such as '
'rate plan and feature codes), and the number of lines.',
'impact': {'data_compromised': ['full name',
'contact information',
'account number and related phone numbers',
'T-Mobile account PIN',
'social security number',
'government-issued ID',
'date of birth',
'balance owing',
'internal codes used by T-Mobile to service '
'customer accounts',
'number of lines']},
'title': 'T-Mobile Data Breach',
'type': 'Data Breach'}