Consumer Alert: The data of 37 million customers was exposed in the latest T-Mobile data breach. Here’s what you need to do to protect your money.
ROCHESTER, N.Y. Have you frozen your credit report yet?
If you’re a T-Mobile customer, you should consider it. The company revealed that a hacker stole the personal information of 37 million T-Mobile customers. The hackers stole names, addresses, email addresses, phone numbers, dates of birth and T-Mobile account numbers.
But T-Mobile says they did not steal social security numbers, credit card information or your pin and password. But that doesn’t mean you’re not in danger of identity theft. There have been so many data breaches of late, it’s safe to assume that all or part of your personal data profile is already being sold on the dark web.
Thieves can combine the information gained in this breach with information on the web and have enough to assume your identity and open new credit accounts in your name. T-Mobile says they believe the breach occurred on November 25, 2022. They discovered it on January 5th and notified law enforcement. They claim the breach is quote “contained at this time.”
But that does little to calm nervous T-Mobile customers. This company has a long troubled history of data breaches and promised in August that it would spend $150 million to fortify its systems. And boy, do they need to.
The company has disclosed eight hackings since August 2018. Here are some of the big ones that affected customer data:
- November of 2019
- January of 2021
- August of 2021 – In that huge breach, thieves stole social security and driver’s license numbers affecting 80 million customers.
- December of 2021 – Thieves got the unique identifiers of customers’ phones and executed sim-swapping attacks.
- November 25 – This is the most recent hacking that affected 37 million people.
So here’s what you need to do to protect yourself. First, you need to freeze your credit report with each of the three bureaus. It’s now easy to do and it’s free. (PLEASE LINK ALL THREE BUREAUS.)
Next, secure your phone against SIM swapping. That’s when thieves essentially steal your phone number by transferring your number from your sim card to theirs. So you need to set up two-factor authentication on all of your accounts using an authentication app.
Your SIM card is that small plastic chip that tells your phone which number to use and which cellular network to connect to.
In a SIM swap, thieves essentially steal your phone number by transferring your number from your SIM card to theirs.
You know when it happens because your phone suddenly stops working. Think about the number of accounts tied to your phone number like your bank, your email and your social media accounts. And any two-factor authentication codes that are usually sent to you via text message are now going to the thief.
That’s why I was changing the two-factor authentication security feature on all my accounts. Now those codes go to my authentication app instead. Here’s how it works. To access my accounts, I have to provide not only my password but also a code sent to me through an authentication app.
So if my phone number is hijacked, I can still access my accounts using this security feature.
According to PC Magazine, here are some of the best apps: (PLEASE PROVIDE LINKS FOR EACH APP)
- Twilio Authy
- Duo Mobile
- Lastpass authenticator
- Microsoft authenticator
All four of these apps encrypt and back up your account information so that if you lose your phone, you can still access your accounts.
And lastly, even though T-Mobile says PINs and passwords were NOT stolen in this breach, you may also want to change your password and PIN with T-Mobile.