T-Mobile confirms SIM swapping attacks led to breach
T-Mobile recently confirmed a data breach that was caused by SIM swapping attacks, according to the T-Mo Report. T-Mo Report, a block tracking T-Mobile, obtained internal reports that showed data was leaked from a subset of customers. According to the report, some individuals had their customer proprietary network information leaked, which includes certain information about a customer’s plan, the number of lines, phone numbers, the billing account, and more. The documents also showed that other customers had their SIMs swapped.
A set of customers were victims of both the CPNI leak and the SIM swapping scams. T-Mobile did not provide details of the attack and would not confirm how many customers were affected. The company did report that it released noticed to customers who were affected by SIM swapping attacks, and referred to the security incidents as common among the industry. In addition, the company experienced a massive data breach in August that exposed sensitive information pertaining to 50 million current, former, and prospective customers. The data exposed in this breach included addresses, social security numbers, driver’s licenses, and ID information.