• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Mobile Carriers Leak 123 million Customer Records in One Week

August 20, 2021 By Trevor Collins

Over the last week we saw 70 million AT&T customers and 53 million T-Mobile customers have their personal data leaked to hackers. While we didn’t find any connections between these two breaches the timing of the incidents  is strange.

AT&T has so far denied the breach involving their customers. While we don’t have confirmation from the hackers who breached AT&T, the user who posted the data for sale, ShinnyHunter, has a reputation of providing real breaches. We also find it all too common for companies to deny the breach before finally confirming it when the breach leaks to the public. The AT&T breach contains the following information: Date of birth, names, addresses, email addresses, and Social Security numbers. The breach may contain other private information, but we haven’t confirmed it.

T-Mobile on the other hand confirmed the breach as its fifth breach since 2017, not including the 2015 Experian breach that also lost T-Mobile customer data. The breach likely occurred because of a misconfigured T-Mobile gateway server called a GPRS support node.

The person who claims to have compromised T-Mobile says the company misconfigured a gateway GPRS support node that was apparently used for testing. It was exposed to the internet. That allowed the person to eventually pivot to the LAN. Proof screenshot supplied. pic.twitter.com/tBMvRBmG0r

— Jeremy Kirk (@Jeremy_Kirk) August 16, 2021

T-Mobile confirmed the breach contains names, drivers licenses, government identification numbers, Social Security numbers, dates of birth, PINs, addresses and phone numbers. While we don’t like to place blame on a company that experiences a breach, I don’t think I would trust T-Mobile to keep my private information safe right now.

If you are a T-Mobile or AT&T customer, there unfortunately isn’t a lot you can do once your data has already been stolen. At a minimum though, you should make use of the provided identity theft protection tools and keep track of your credit history but ideally, you shouldn’t give your Social Security number to a phone company even though some require it for service. Also, if you haven’t already, change your PIN and if you use the same PIN for other services like banking change it there as well.

Share This:

Related

Filed Under: Uncategorized

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • TikTok is Banned, Kind Of
  • How Not to Update Software

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • How Not to Update Software
  • Naming APTs
  • TikTok is Banned, Kind Of
  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use