T Mobile hack is back in news as the telecom company is accusing a hacker of fraudulently stealing customer data from its servers. Earlier, the company was targeted by a sophistication filled digital attack. But now, the company has made it official that it closed the access point for a hacker who was exploiting loads of info related to about 37 million customers, including those on prepaid and postpaid plans.
As per the details available to Cybersecurity Insiders, the threat actor stole the information via an Application Programming Interface (API) without permission and the malicious activity was conducted between November 5th,2022 to January 5th, 2023.
Good news is that the access to the malicious actor has been blocked now, and no details related to social security nos, IMEI numbers, payment card details or Govt ids were leaked to the cyber crooks.
However, the threat actor did access information such as email addresses, phone numbers, DoBs, T-Mobile account nos, prepaid or postpaid plan and names of consumers.
NOTE 1- API is a communication interface that allows a computer program to connect with another program in a way that the developer of the first program expects to interact. When such APIs are poorly designed or deployed, it allows threat actors exploit it to gain control of sensitive data or conduct malicious activities.
NOTE 2- At the time of this writing, none from the business subsidiary of Deutsche Telekom Germany claimed the data leak as genuine and one Redditt active user (a pseudo-person working for the company) added that the hacker might pretend to the world, by claiming to own T Mobile data, that was not real in actual.
Â
