T-Mobile Cyberattack Reportedly exposed Customer Info and SIMs

T-Mobile has suffered another cyberattack after being rocked by a massive data breach in August.

This time around, attackers accessed “a small number of” customers’ accounts, according to documents posted by The T-Mo Report.

According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-powered two-factor authentication), had personal plan information exposed, or both. The document shows that the customer proprietary network information that was viewed could’ve included customers’ billing account name, phone and account number, and info about their plan, including how many lines were attached to their account.

This summer, the carrier confirmed that a data breach exposed almost 50 million customers’ data, with the attacker accessing social security numbers, names, and dates of birth. (A person who claimed to be the hacker went on to call the company’s security practices “awful.”) The information reportedly exposed in December’s breach is less sensitive (and the documents say the customers who had their SIMs swapped have regained access), and is likely not as large in scope. We weren’t able to find widespread reports from customers that said they’d received notification letters.

T-Mobile’s support account has seemingly confirmed that there was a breach, responding to people on Twitter to say that it’s taking “immediate action” to help individuals who were put at risk by the attack.

Is it about time YOU protected yourself?

efani Most Secure Mobile Phone Service Prevent Eavesdropping, Remote Access & Location Tracking SAFE Encrypted Secure Your Identity & Phone NOW AT&T, T-Mobile, Verizon, Tracfone and US Mobile – are susceptible to SIM swap scams

T-Mobile suffers a data breach, again

According to a new report, T-Mobile has undergone a small-scale data breach days before the year 2021 ends. The news comes a few months after the company suffered a large-scale data breach in August 2021. The new data breach affected a small number of users who were allegedly a target of a SIM swapping attack.

According to the report, many T-Mobile customers received the “unauthorized activity” notification from the mobile carrier. “That activity was either the viewing of customer proprietary network information (CPNI), an active SIM swap by a malicious actor, or both,” explains the report from The T-Mo Report. In simple terms, customers who were the victim of the breach were a target of a SIM swapping attack or had their personal information exposed, or both.

 

efani 2021 Sees Over 40 million personal health info leaked

Over 40 million people had health information leaked this year

More and more people continue to have their health information exposed through hacks and other data leaks. Hacks and thefts of health data spiked in 2021.

Over 40 million people in the United States had their personal health information exposed in data breaches this year, a significant jump from 2020 and a continuation of a trend toward more and more health data hacks and leaks.

Health organizations are required to report any health data breaches that impact 500 or more people to the Office for Civil Rights at the Department of Health and Human Services, which makes the breaches public. So far this year, the office has received reports of 578 breaches, according to its database. That’s fewer than the 599 breaches reported in 2020, but last year’s breaches only affected about 26 million people.

Since 2015, hacks or other IT incidents have been the leading reason people have their health records exposed. According to a report from the security company, Bitglass threats continue.

The transition coincided with federal rules in the US requiring that healthcare organizations use electronic medical records and the broader switch toward digital tools like internet-connected monitors in healthcare.

Medical records are valuable on the black market. Medical record information is much harder to change than a credit card and it can be used to make fake medical claims or purchase medications.

efani | Hackers Mine Cryptocurrency Alphabet Inc. (GOOG) GCA

Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency

Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation.

“While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to poor hygiene and a lack of basic control implementation,” Google’s Cybersecurity Action Team (CAT) outlined as part of its recent Threat Horizons report published last week.

Of the 50 recently compromised GCP instances, 86% of them were used to conduct cryptocurrency mining, in some cases within 22 seconds of a successful breach, while 10% of the instances were exploited to perform scans of other publicly accessible hosts on the Internet to identify vulnerable systems, and 8% of the instances were used to strike other entities. About 6% of the GCP instances were used to host malware.

In most cases, the unauthorized access was attributed to the use of weak or no passwords for user accounts or API connections (48%), vulnerabilities in third-party software installed on the cloud instances (26%), and leakage of credentials in GitHub projects (4%).

More here