A T-Mobile store signSource: Android Central

What you need to know

  • Some T-Mobile customers have reportedly been notified of unauthorized activity on their accounts.
  • Internal T-Mobile documents show that "unknown actors" had access to customers' personal information, including the account number, name, and phone numbers on the account.
  • Some customers also had an unauthorized SIM swap which puts the device's number on another device.
  • T-Mobile has notified affected customers, and the SIM swaps have reportedly been reversed.

Apparently, some T-Mobile customers have been notified about a data breach on their wireless T-Mobile accounts, according to The T-Mo Report. This is reportedly part of an internal document showing how to identify an affected account, including CPNI and SIM memos applied on December 23, 2021.

The account memos include CPNI, SIM, and CPNI + SIM depending on which type of activity T-Mobile detected. CPNI refers to customer information such as the account name, number, phone numbers, number of devices, rate plan name, and how much it costs. While this information can seem harmless, it can be helpful for a scammer to appear more legitimate when talking to you or people you know.

The SIM memo refers to users that have had an unauthorized SIM card change on their account. The memo indicates that an unknown person had swapped the SIM card to point to another device. Once the change is reversed, a SIM Card Change Block is placed on the users' accounts for additional protection.

T-Mobile notes that no usernames, passwords combinations, nor stored payment methods were accessed.

The final memo combines the two, with CPNI + SIM indicating that both conditions were met. A SIM Card Change Block has been implemented on these accounts.

It's important to remember how to avoid scams during the holidays and to be very careful about what information you give out. If you're not sure if a call from your carrier is legitimate, hang up and contact support directly or even visit a corporate store. You should also be using two-factor authentication whenever possible with a proper app so you can stop relying on SMS for authentication.

Of course, this follows a larger T-Mobile data breach that took place back in August of 2021 that affected 100 million customers, after which T-Mobile stated it would open a Cyber Transformation Office while partnering with cybersecurity companies to help stop attacks from happening.

We reached out to T-Mobile for comment on the matter and the following statement was provided.

Our people and processes worked as designed to protect our customers from this type of attempted fraud that unfortunately occurs all too frequently in our industry.