T-Mobile Data Breach – Phone numbers & Call Records Exposed

United States telecommunications giant T-Mobile has unveiled that the personal data of its employees and customers have been hacked. This is the second security breach T-Mobile has admitted in the last six months.

T-Mobile Data Breach

“The Cybersecurity team discovered and shut down malicious, unauthorized access to some information related to the T-Mobile account”, T-Mobile said in a notice of data breach.

The data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs.

With support from leading cybersecurity forensics experts, the company started an investigation to determine what happened and what information was involved.

What information was involved?

T-Mobile has found that threat actors gained access to telecommunications information generated by customers, known as CPNI.

Customer Proprietary Network Information (CPNI) as defined by the Federal Communications Commission (FCC) rules was accessed.

The CPNI accessed can include a phone number, number of lines in an account and some cases, call-related information collected as part of the normal operation of wireless service.

Measures Executed by T-Mobile

The company is sending out SMS notifications to all impacted users. The company also informed that those who received the text alert about this breach should be on the lookout for suspicious texts claiming to be from T-Mobile asking for information or containing links to non-T-Mobile web pages.

It is not uncommon for threat actors to use stolen information for further targeted phishing campaigns that attempt to steal sensitive information such as login names and passwords.

T-Mobile earlier suffered from breaches in 2018 that exposed customer information, in 2019 for prepaid customers, and in March 2020 that exposed customer and financial data.

As a final point, the company ensures to work further to enhance security measures to mitigate these types of activities.


Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.

Recent Posts

SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…

11 hours ago

Is Your Online Store Hacked in a Carding Attack? Here’s an Action Plan to Protect

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…

15 hours ago

Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…

15 hours ago

New Android Malware Employs Various Tactics to Deceive Malware Analyst

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…

17 hours ago

DJvu Ransomware Mimic as Cracked Software to Compromise Computers

A recent campaign has been observed to be delivering DJvu ransomware through a loader that…

18 hours ago

Okta Hack: Threat Actors Downloaded all Customer Support System Users’ Data

In a pivotal update to the Okta security incident divulged in October 2023, Okta Security…

19 hours ago