Fortunately, compared to the types of data hackers obtained in previous attacks on the carrier and his partners, the scope of this most recent incident is considerably narrower. T-Mobile said the attack was limited to what the FCC considers “customer’s proprietary network information,” which can include phone numbers, the number of lines associated with the account, and potentially information about the customers. calls made, such as phone numbers called, schedule, and duration. The carrier further pointed out that the data viewed “did not include account names, physical or email addresses, financial data, credit card information, social security numbers, tax identification number. , passwords or PIN codes “.
In a statement provided to BleepingComputer, the carrier said the breach affected only a small fraction – less than 0.2% – of the more than 100 million people in its subscriber base. That may not sound like much at all, but the math still works for some 200,000 potentially affected people. More importantly, those who have been contacted by T-Mobile should do their best to stay on guard. While the data obtained is not enough to put these people in immediate danger, it could still be used in tandem with information obtained from other data breaches and breaches to coordinate phishing attempts and social engineering attacks. . (We’ve reached out to T-Mobile for comment and will update this story if the company responds.)