T-Mobile says hacker accessed personal data of 37 million customers

T-Mobile said on Thursday that a hacker had collected data, including names, birth dates and phone numbers, from 37 million customer accounts, the company's second major breach in less than two years.

In a securities filing, T-Mobile said it first discovered that a "bad actor" was obtaining the data on Jan. 5. With help from outside cybersecurity experts, the mobile service provider stopped the leak the next day, it said.

The company said there was no evidence that its systems or network had been compromised, adding that the mechanism the hacker exploited did not provide access to more sensitive information such as Social Security numbers, government identification numbers, or passwords or payment card information.

"Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network," T-Mobile said in the SEC filing.

T-Mobile has disclosed eight hacks since 2018, with previous breaches exposing customer call records in January 2021, credit application data in August 2021, and an "unknown actor" accessing customer info and executing SIM-swapping attacks in December 2021. In April last year, the hacking group Lapsus$ stole T-Mobile's source code after purchasing employees' credentials online.

Read more -here-

• Google releases emergency fix for new Chrome zero-day flaw
• Disney+, Hulu and Max team up for streaming bundle package
• OpenAI is reportedly working on a search feature for ChatGPT
• TikTok, ByteDance sue to block US law seeking sale or ban of app
• OpenAI partners with Stack Overflow to make models better at coding
• Dropbox breach exposes customer credentials, authentication data