T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360
Last week T-Mobile elicited groans after it confirmed a massive hack of customer data — its fourth such hack in four years. For a short time it appeared that something similar had happened to its in-country carrier rival, AT&T: a post on an illicit hacker forum claimed to have customer data from 70 million people, selling for $200,000. But in contrast with T-Mobile’s response, AT&T says its investigation of the sample data indicates that it didn’t come from the company’s servers.
MarketWatch quotes an AT&T email sent to members of the media: “Based on our investigation today, information that appeared in an internet chat room does not appear to have come from our systems.” The implicit conclusion is that either the data was gathered from third-party sources given access to AT&T customer info (which is certainly possible), or that the poster on the forum simply made up the data and is looking for a quick payday.
That’s also very possible: we’re talking about criminals who illegally steal data to sell for the purposes of identity theft. It’s not hard to believe that said people would be above simply lying their way into a windfall. Now would be a natural time to do so, soon after a similar company confirmed yet another successful penetration of its systems.
On the same note, it’s also worth pointing out that a massive telecom company has sufficient motivation to be, shall we say, “downplay” news that its data security isn’t up to snuff. The only thing we can say for sure is that attacks on customer data, and the marketplace and culture surrounding them, aren’t going away any time soon.