T-Mobile's latest data breach was not very big but it was pretty serious
T-Mobile is quite possibly the undisputed US wireless industry champion of device deals, affordable data plans, freebies for loyal customers, and unfortunately, security breaches, with the latter aspect often overshadowing all of the reasons why a Verizon or AT&T subscriber might feel the urge to jump ship in favor of the nation-leading "Un-carrier."
While this is obviously not a uniquely Magenta-tinted problem, it definitely seems to crop up far more frequently on the second largest mobile network stateside than anywhere else. The latest such data breach, for instance, arrives mere months on the heels of the previous issue of the same nature, which in turn followed at least one security mishap in 2022 and two more in 2021.
We clearly won't blame you if you can no longer trust T-Mo with your personal data and, well, wireless business after this seemingly endless line of hard-to-forgive blunders, especially once you hear what type of information was compromised this time around.
That "may" have included full names, account numbers, associated phone numbers, contact information, T-Mobile account PINs, social security numbers, government IDs, birthdates, internal codes that the operator uses to "service customer accounts" (like rate plans and feature codes), as well as the number of lines on your account.
For what it's worth, no call records or personal financial account information appear to have been affected by this particular breach, which took place "between late February and March 2023." More importantly, only a "small" number of accounts were impacted, according to T-Mobile, and while that may sound like something companies at fault always say in these cases to save face, Bleeping Computer has obtained a specific figure that is indeed extremely (and almost uncharacteristically) low.
We're talking just 836 customers victimized out of more than 100 million potential targets, which is still higher than 0. That's the only number of people hacked that would be truly acceptable, especially for a company that's been through a situation like this... more times than we're willing to count before and that always promises to do a better job of protecting its customers' data in the future.
Things that are NOT allowed: