T-Mobile says farewell to 2021 with yet another data breach

SIM swapping enables hackers to take control of a mobile phone number by tricking a carrier to reassign the numbers to attacker-controlled SIM cards.
30 December 2021


  • T-Mobile suffers a minor data breach involving SIM swapping
  • The telco provider suffered a major data breach in August this year as well
  • T-Mobile has informed customers affected by the latest data breach incident

A few months ago, T-Mobile suffered one of its biggest data breaches ever. Personal data of over 50 million of its users have purportedly been exposed in that breach.

What made T-Mobile’s data breach more concerning is that the hacker responsible was just 21-years-old. John Binns, an American residing in Turkey said the wireless company’s lax security eased his path into a cache of records.

Acknowledging the weaknesses in their system that allowed the data breach to happen, T-Mobile has since enhanced security across their platforms and is collaborating with industry-leading experts to understand additional immediate and longer-term next steps.

But the reality is, T-Mobile keeps experiencing data breaches. Just as things started to improve, another breach has been reported. This time, the cause of the breach is allegedly caused by SIM swapping. SIM swapping enables hackers to take control of a mobile phone number by tricking a carrier to reassign the numbers to SIM cards controlled by attackers.

Hackers can then take control of the mobile number and use them to get hold of SMS-based multi-factor authentication. This means they can steal their credentials, log into the victims’ bank accounts to steal money, or hijack their online accounts by changing the passwords.

According to a report by Bleeping Computer, T-Mobile confirmed reports of a new data breach are linked to notifications sent to a “very small number of customers” who fell victim to SIM swap attacks. “We informed a very small number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed,” a T-Mobile spokesperson told the website.

Reports also showed that hackers had viewed customer proprietary network information. The customer proprietary network information includes all the data T-Mobile has about phone calls. T-Mobile describes it as “features of your voice calling service (e.g., international calling), usage information (like call logs — including date, time, phone numbers called, and duration of calls), and quantitative data like minutes used.”

While T-Mobile has contained the data breach, the reality is that the telecommunications provider is one of several that continues to be targeted by cybercriminals. In the last four years alone, T-Mobile has already experienced cyberattacks and breaches numerous times. In February this year, hackers used SIM swap to gain access to an internal T-Mobile application as well.

To prevent future attacks, T-Mobile has also entered into a long-term partnership with cybersecurity experts at Mandiant and with consulting firm KPMG LLP. The company also said that it was planning a multi-year investment to improve security.