T-Mobile yesterday (Aug. 17) posted an update on its most recent data breach. While the company seems to be trying to reassure people, it’s hard to put a positive spin on this news, which is about as bad as it gets.
T-Mobile said that only about 49 million current, former and prospective T-Mobile customers had their personal account information stolen — not 100 million as a hacker claimed on an internet forum this past weekend.
Regardless of how many millions of people had their T-Mobile data hacked, the upshot is this: If you’ve ever applied for a T-Mobile postpaid account, you now have to assume that your name, address, date of birth and Social Security number have been fully compromised.
You have to assume that anyone could use that information to open accounts in your name, sell your Social Security number, get an ID card in your name or even use your name while they’re being arrested.
What you need to do about T-Mobile’s data breach
Here’s what you need to do if you have ever had or have ever applied for a T-Mobile postpaid account. (We’ll get to T-Mobile prepaid customers in a minute.)
- Take T-Mobile up on its offer of two years of McAfee ID Theft Protection Service.
- Put a fraud alert on your credit files with Equifax, Experian and TransUnion. (Here’s how.)
- Consider instituting a credit freeze with the Big Three credit-reporting agencies. (Here’s how.)
- If you have a T-Mobile account, change your T-Mobile account PIN and password.
- If you have a T-Mobile account, take the offer to set up Account Takeover Protection.
Lastly — and we don’t say this flippantly — consider dropping T-Mobile and switching to a wireless carrier that does a decent job of protecting your personal information. This is the fourth or fifth major T-Mobile data breach in the past three years, and if this company’s track record is any indication, it won’t be the last.
All you need to steal someone’s identity
In its post yesterday (Aug. 17), T-Mobile said that “we were able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals.”
Approximately 7.8 million current T-Mobile postpaid customers, and “just over 40 million” former postpaid customers, as well as prospective customers who had applied for postpaid accounts, had their full names, dates of birth, Social Security numbers and driver’s-license or ID numbers compromised.
The bright side — if there is one — is that there is “no indication that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information.”
Nor were any “phone numbers, account numbers, PINs [or] passwords” compromised for these 48 million people, although T-Mobile is recommending these people reset their PINs anyway.
That’s nice, but the theft of Social Security numbers is a lot more serious. It’s not hard to cancel credit cards or reset PINs, while your Social Security number stays with you for life.
T-Mobile prepaid accounts also hit, but not as badly
However, that’s not all. The company said “approximately 850,000” people with “active” prepaid T-Mobile accounts had their “customer names, phone numbers and account PINs” compromised. T-Mobile said it has reset all those PINs already.
These people did not have their Social Security numbers exposed, T-Mobile said. Nor does it mention dates of birth or home addresses, two things that people with prepaid accounts may not have to provide when setting up an account.
If you have a T-Mobile prepaid account, you should reset your PIN again, as well as your account password, but you’re probably good regarding potential identity theft.
The company added that “no Metro by T-Mobile, former Sprint prepaid, or Boost customers had their names or PINs exposed.”
But it didn’t say anything about current or former Sprint postpaid, or current Sprint prepaid, customers. It’s possible that more bad news might come out of this already awful data breach.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
