T-Mobile Data Breach: How To Not Be Next

T-Mobile Data Breach Exposes Over Two Million Customers Personal Information

T-Mobile is the victim of a data breach that has affected more than two million of its customers.

The mobile network company posted a statement on their website stating that on August 20th, 2018, T-Mobile’s in-house security team noticed unusual activity and that it was immediately “shut down.” However, that was after more than roughly two million customers personal information was breached.

Information that was possibly compromised includes subscribers’ names, billing zip codes, phone numbers, email addresses, account numbers and account types (pre-paid or billed).

No social security numbers (SSN’s), financial information, or account passwords were breached during the attack.

The report from T-Mobile doesn’t mention the number of accounts but Motherboard is reporting that nearly 3% of accounts were accessed, which totals 2.26 million accounts.

What Went Wrong?

T-Mobile is unclear how the breach occurred. Therefore, it’s difficult to pinpoint what vulnerability led to the network being breached. It’s been reported that the hackers exploited an internal AOI (application programming interface) on the servers that handle personal information, but this hasn’t been confirmed. T-Mobile is a massive organization and they spend significant amounts of money on data security. So, how could this happen to them?

Cyber hackers are constantly developing new methods and tactics to steal personal information. Too often businesses are defensive with their cybersecurity instead of offensive. Meaning, they’ll wait for a breach to change. Cybersecurity needs to be an offensive pursuit. Companies need to be proactively seeking to find ways to enhance their security and better protect them from attacks.

Two-Factor Authentication and Multi-Factor Authentication

Three Defenses You Need

Sophos Intercept X

Sophos Intercept X is an advanced machine learning software that works to actively predict and anticipate malware virus attacks and then defend against them. Now, Sophos software may not have been the right tool in the case of T-Mobile, but malware and ransomware attacks are two of the most common attacks on businesses right now. Sophos Intercept X is currently protecting businesses against millions of potential attacks.

Two-Factor Authentication

When it comes to personal information, nothing will protect your accounts better than two-factor authentication. Two-factor authentication or multi-factor authentication is when your account requires two steps to log in. Usually, this means you’ll enter a username and password, and then a unique code will be sent via email or text, and you’ll then enter that in. Multi-factor authentication can seem tedious to some, but it’s proven to protect against over 99% of hackers attempts to access your account. In reality, multi-factor authentication is one of the most budget-friendly cyber defense options, and one of the most effective. So, in essence, it’s a no-brainer.

Disaster Recovery Plan

It’s essential for every business to have a disaster recovery plan. Disaster recovery plans are a guide of what to do when a disaster strikes. Part of a disaster recovery plan needs to be a plan for what to do if you experience a cyber attack. What systems are the most important to get up and running ASAP? Who to contact for what? What resources do we have to restore all servers quickly? etc. Being unprepared makes cyberattacks worse. It’s clear that T-Mobile had a disaster recovery plan in place because of how quickly they were able to react. If you had a similar attack, how long would it take you to recover?

To learn more about cyber security and how to better defend your information, get a free assessment from an expert consultant about IT Services in Seattle, IT Support in Spokane, or  Managed IT Services in Utah or Oregon.

Related Insights