Scribd
Upload
474 views6 pages

T-Mobile Data Breach Coursera Assignment

1. T-Mobile discovered a data breach on August 17, 2021 where a bad actor had accessed their infrastructure and stolen personal data of over 40 million past and potential customers as well as 7.8 million existing customers. 2. The stolen data included names, dates of birth, social security numbers, driver's license information, and account PINs of some prepaid customers. 3. T-Mobile is offering two years of free identity protection services through McAfee to impacted customers and urging eligible users to enroll in free scam blocking protection through Scam Shield.

Uploaded by

rachana singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
474 views6 pages

T-Mobile Data Breach Coursera Assignment

1. T-Mobile discovered a data breach on August 17, 2021 where a bad actor had accessed their infrastructure and stolen personal data of over 40 million past and potential customers as well as 7.8 million existing customers. 2. The stolen data included names, dates of birth, social security numbers, driver's license information, and account PINs of some prepaid customers. 3. T-Mobile is offering two years of free identity protection services through McAfee to impacted customers and urging eligible users to enroll in free scam blocking protection through Scam Shield.

Uploaded by

rachana singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 6

Attack Case Study

T-Mobile
T-Mobile discovered on August 17, 2021, that
a bad actor had obtained personal data
unlawfully. Initially, the bad actor was able to
access T-infrastructure Mobile's on
preferably by July 19, 2021. We have
Attack Category: confirmed that a portion of T-Mobile data
Security Data Breach had been accessed and/or obtained by
unauthorized people, and the data stolen
from our systems did contain some personal
information. However, our investigation is
still ongoing. You may find the most recent
information on the affected data here.
According to a statement from the mobile service provider, the investigation
into the data breach began last week when the company was "advised of
accusations made in an online forum that a bad actor had hacked T-Mobile
systems. "According to the business, the stolen files contained data on more
than 40 million past or potential customers who had applied for credit with the
company, as well as information on about 7.8 million existing T-Mobile
accounts. First and last names, social security numbers, driver's licence
numbers, and other details about consumers were among the data that was
exposed, according to T-Mobile. The PINs of around 850,000 current prepaid
consumers were also included.
More than 40 million people's personal information was made public
1 due to a cyberattack on T-Mobile.

The access point that we suspect was utilised to unlawfully access our
2 servers was then discovered and shut down immediately.

To anyone who thinks they may be impacted, McAfee is providing two


3 years of free identity protection services with its ID Theft Protection
Timeline Service.
Company Name Attack urging all eligible T-Mobile users to sign up for free scam-blocking
4 protection through Scam Shield

With our Account Takeover Protection capabilities, we give postpaid


clients an additional layer of security for their mobile accounts, making
5 it more difficult for accounts to be fraudulently moved out and stolen.
The names, phone numbers, and account PINs of about 850,000 active
T-Mobile prepaid customers were disclosed.
6
SIM swapping
The mobile operator SMS phishing
disclosed that the leaked SIM swapping is an additional
data includes full names, SMS Phishing assaults could assault specialized to phone
dates of birth, SSNs, and be carried out using SMS. users. This occurs when an
driver's license/ID
messages sent under the attacker is successful in getting
information for over 40
cellphone operator's name. In a mobile operator to link a
million previous or
potential customers who
the instance of the 48 million victim's phone number to a
had applied for credit with current, former, and potential SIM card that is in their
T-Mobile in addition to 7.8 T-Mobile users whose personal possession so that the attacker
million current T-Mobile information was exposed, can receive all of the victim's
Vulnerabilities postpaid users. For these
people, no phone
initially. calls and texts.

numbers, account
numbers, PINs,
passwords, or financial Victim profiles
details were disclosed.
Unfortunately, 850,000
The more breaches occur, the easier it is for attackers to
active T-Mobile prepaid
customers' names, build complete victim profiles and launch attacks that
contact information, and are increasingly hard to detect by both companies and
account PINs were made users.
public.
Costs Prevention
• Given that the average cost of a data breach has • A free two-year subscription to McAfee's ID Theft
increased to more than $1.5 million, the mobile Protection Program, which includes credit
operator may incur significant costs as a result of monitoring and full-service identity theft
the data breach 4.7 million dollars. protection, is being made available to all impacted
• According to the US, hackers stole the information T-Mobile users.repair, identity protection,
on 7.8 million postpaid service customers. surveillance of the dark web, and more.
Together with more than 40 million records of • All T-Mobile customers can use the company's
previous or potential consumers, the data of Scam Shield app, which enables caller ID and
roughly 850,000 prepaid users was also automatically rejects calls marked as frauds.
compromised. Business and postpaid customers can also use
TMobile's free Account Takeover Protection
service.

You might also like