According to a statement from T-Mobile, the company has verified a data breach that was caused in part by SIM swapping attacks. According to The T-Mo Report, which is a blog focused on T-Mobile, internal reports revealed that some data had been leaked from a subset of clients. Customers fall into three categories, according to The T-Mo Report.
Several T-Mobile customers’ customer proprietary network information (CPNI) was accidentally published on the internet, while others had their SIMs replaced and a small number of individuals were affected in both cases. CPNI contains data about a customer’s plan, such as the number of lines connected, phone numbers, and more. When asked for details about the attack, T-Mobile declined to answer and said it did not know how many users were affected.
A T-Mobile spokesperson stated, “Our people and processes functioned as intended to safeguard our customers from this type of attempted fraud, which is unfortunately all too common in our industry.”
The firm claimed to Cnet and Bleeping Computer that it sent letters to “a small number of customers” dealing with SIM swapping attacks, describing the assaults as “rampant industry-wide.” T-Mobile has responded on Twitter stating that the company is taking immediate preventive measures to protect all persons who may be vulnerable from this cyberattack.
T-Mobile has had several data breaches in recent years, and the latest one occurred in August, when the sensitive information of more than 50 million customers was exposed. This included names, addresses, social security numbers, driver’s licenses and ID cards for approximately 48 million people. SIM swapping victims have long complained about the carrier’s poor customer service. Since 2018, T-Mobile has been plagued by numerous SIM swap attacks and data breaches.