Breach At T-Mobil Exposes Customer Data

A security incident on August 20 has apparently led to the exposure of customer names, billing ZIP codes, phone numbers, email addresses and account numbers belonging to 2 million customers of T-Mobil. The incident occurred after hackers compromised company servers through an API. According to a company spokesman, the hack was “international.” It was quickly fixed, and the company says that all affected customers have, or soon will be, notified. Earlier this year a bug was discovered in T-Mobile’s website which allowed anyone to access the personal data of customers using only a phone number. The flaw was in a sub-domain used by the company to access internal tools. It was easily located via search engines, and if a phone number was tagged onto the end of the web address, the platform would reveal customer information including name, street address, billing account numbers and account records.