Update: Tom's Guide has learned that this incident affected about 400 T-Mobile customers. The attacker or attackers seem to have penetrated T-Mobile's systems with the goal of taking over customer accounts, but the intrusion is said to be over and affected customers have been notified.
T-Mobile appears to have suffered yet another data breach, which would make it the company's third data breach in less than a year.
Unlike the previous set of T-Mobile account compromises, disclosed in late December, this is more serious because it involves "your full name, address, account number, Social Security number, customer account personal information number (PIN), account security questions and answers [and] date of birth."
- This hidden T-Mobile feature could keep your number from being stolen
- These are the best identity theft protection services
- Plus: How to watch the Golden Globes 2021 online
That's according to a boilerplate letter being sent out to T-Mobile customers (opens in new tab) whose accounts were compromised, a copy of which was obtained by Bleeping Computer (opens in new tab).
An unknown attacker apparently "used this information to port your line to a different carrier without your authorization," the letter, dated Feb. 9, adds. "T-Mobile identified this activity, terminated the unauthorized access and implemented measures to protect against reoccurence."
"Ported" or "SIM-swapped" numbers are serious enough, as they can be leveraged to hijack other accounts or steal cryptocurrency. But you could do a lot more than steal a phone number with the information exposed in these apparent account compromises.
In many cases, all you need to do to fully steal someone else's identity is their full name, date of birth, Social Security number and current street address. All those are part of the compromised T-Mobile data this time around.
Data breach, or individual account takeovers?
For the moment, there's no information on how many T-Mobile customers might be affected. Nor do we know whether the compromised accounts were the result of a mass data breach (as happened last March) or instead a series of individual account takeovers such as might result from weak or reused passwords.
Tom's Guide has reached out to T-Mobile seeking answers to these questions, and we will update this story when we receive a reply.
T-Mobile customers who receive the letters pertaining to this most recent incident or series of incidents will be entitled to two years of free credit monitoring and identity-theft protection provided by TransUnion. They are also being asked to change their account PINs and their account security questions and answers.
Tom's Guide strongly encourages affected T-Mobile customers to take up the company on its offers of assistance and to follow its advice in securing your account.
Worried customers can call T-Mobile by dialing 611 from their T-Mobile phones or 1-800-937-8997 from any phone.
Happens all the time, normally they will blame it on Russian hackers.