Category Archives: T-Mobile

AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web

Names, addresses, phone numbers, call and text message records and account PINs were all caught up in a cloud misconfiguration.

Cyber Security Roundup for November 2019

In recent years political motivated cyber-attacks during elections has become an expected norm, so it was no real surprise when the Labour Party reported it was hit with two DDoS cyber-attacks in the run up to the UK general election, which was well publicised by the media. However, what wasn't well publicised was both the Conservative Party and Liberal Democrats Party were also hit with cyber attacks. These weren't nation-state orchestrated cyberattacks either, black hat hacking group Lizard Squad, well known for their high profile DDoS attacks, are believed to be the culprits.

The launch of Disney Plus didn’t go exactly to plan, without hours of the streaming service going live, compromised Disney Plus user accounts credentials were being sold on the black market for as little as £2.30 a pop. Disney suggested hackers had obtained customer credentials from previously leaked identical credentials, as used by their customers on other compromised or insecure websites, and from keylogging malware. It's worth noting Disney Plus doesn’t use Multi-Factor Authentication (MFA), implementing MFA to protect their customer's accounts would have prevented the vast majority of Disney Plus account compromises in my view.

Trend Micro reported an insider stolen around 100,000 customer accounts details, with the data used by cyber con artists to make convincing scam phone calls impersonating their company to a number of their customers. In a statement, Trend Micro said it determined the attack was an inside job, an employee used fraudulent methods to access its customer support databases, retrieved the data and then sold it on. “Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls,” the company said. The employee behind it was identified and fired, Trend Micro said it is working with law enforcement in an on-going investigation.

Security researchers found 4 billion records from 1.2 billion people on an unsecured Elasticsearch server. The personal information includes names, home and mobile phone numbers and email addresses and what may be information scraped from LinkedIn, Facebook and other social media sources.

T-Mobile reported a data breach of some their prepaid account customers. A T-Mobile spokesman said “Our cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities”.

A French hospital was hit hard by a ransomware attack which has caused "very long delays in care". According to a spokesman, medical staff at Rouen University Hospital Centre (CHU) abandon PCs as ransomware had made them unusable, instead, staff returned to the "old-fashioned method of paper and pencil". No details about the strain of the ransomware have been released.

Microsoft released patches for 74 vulnerabilities in November, including 13 which are rated as critical. One of which was for a vulnerability with Internet Explorer (CVE-2019-1429), an ActiveX vulnerability known to be actively exploited by visiting malicious websites.

It was a busy month for blog articles and threat intelligence news, all are linked below.


T-Mobile Says Security Incident Might Have Affected Some Customer Data

Wireless network operator T-Mobile revealed that a security incident might have exposed the personal information of some of its customers. In a statement posted on its website, T-Mobile said that its security teams had discovered an instance of “malicious, unauthorized access” to some of its prepaid wireless account holders’ information. The notice clarified that the […]… Read More

The post T-Mobile Says Security Incident Might Have Affected Some Customer Data appeared first on The State of Security.

T-Mobile discloses data breach affecting prepaid wireless customers

Bad news for T-Mobile prepaid customer, the US-based telecom giant T-Mobile today disclosed a new data breach incident.

The US branch of the telecommunications giant T-Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service.

The cybersecurity team at T-Mobile discovered an unauthorized access to information associated with a limited number of its prepaid wireless account customers.

“We want to let you know about an incident that we recently identified and quickly corrected that impacted some of your personal information.reads the data breach notice published by the company.

Our Cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities. None of your financial data (including credit card information) or social security numbers was involved, and no passwords were compromised.”


Exposed data includes name and billing address, phone number, account number, rate plan and features, like whether a customer has added an international calling feature.

“Rate plan and features of your voice calling service are ‘customer proprietary network information’ (‘CPNI’) under FCC rules, which require we provide you notice of this incident,” continues T-Mobile.

No financial information, social security numbers, and passwords were accessed by the attackers.

At the time of writing the company did not reveal details of the intrusion or the extent of the incident.

T-Mobile confirmed to have taken the necessary steps to lock out the attackers and immediately notified law enforcement of the security breach.

The company is notifying only affected customers through email, users can contact Customer Care to receive support and information on the incident.

The company is urging affected customers to update the PIN/passcode to access their accounts, let me suggest to not affected users to do the same.

Customers should remain vigilant on possible phishing messages that can use stolen data to trick victims into revealing sensitive data, passwords and financial information such as credit card information.

Another suggestion for T-Mobile customers is to monitor their bank and payment card statements for any suspicious activity and report to the bank if they find any.

In August 2018, T-Mobile announced it has suffered a security breach that exposed the personal information of up to 2 million T-mobile customers.

Pierluigi Paganini

(SecurityAffairs – data breach, T-Mobile)

The post T-Mobile discloses data breach affecting prepaid wireless customers appeared first on Security Affairs.

T-Mobile Suffers Data Breach Affecting Prepaid Wireless Customers

Are you a T-Mobile prepaid customer? If yes, you should immediately create or update your associated account PIN/passcode as additional protection. The US-based telecom giant T-Mobile today disclosed a yet another data breach incident that recently exposed potentially personal information of some of the customers using its prepaid services. What happened? In a statement posted on its website