430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

T-Mobile suffered a new data breach

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’ According to The T-Mo Report, which viewed T-Mobile internal documents, there was “unauthorized activity” on […]

T-Mobile

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks.

T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’

According to The T-Mo Report, which viewed T-Mobile internal documents, there was “unauthorized activity” on some customer accounts. The attackers viewed customer proprietary network information (CPNI) and carried out SIM swapping attacks on a small number of customers.

“Affected customers fall into one of three categories. First, a customer may have only been affected by a leak of their CPNI.” reported The T-Mo Report. “The second category an affected customer might fall into is having their SIM swapped.” “The final category is simply both of the other two. Affected customers could have had both their private CPNI viewed as well as their SIM card swapped.”

Customer proprietary network information exposed in the attack could’ve included billing account name, phone numbers, number of lines on the account, account numbers, and rate plan info.

“We informed a very small number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed. Unauthorized SIM swaps are unfortunately a common industry-wide occurrence, however this issue was quickly corrected by our team, using our in-place safeguards, and we proactively took additional protective measures on their behalf.” a T-Mobile Spokesperson told BleepingComputer.

T-Mobile customers should remain vigilant on unsolicited text messages or emails pretending to be from T-Mobile.

Unfortunately, this is the last incident in order of time suffered by the company, below is the list of previous incidents:

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]