T-Mobile Notifying Customers of Security Breach
I switched to T-Mobile on Friday, taking advantage of the deal unveiled by CEO John Legere at CES earlier this month. Today Earlier this month, news came out that T-Mobile has suffered a security breach, compromising important customer data stored on servers at an unspecified T-Mobile supplier. That’s not great news for new customers like me who are looking to enjoy the honeymoon period for as long as possible. Sigh. Everything fades.
The news comes by way of a post on CSO Online, a blog focused on security analysis, which links to a form letter being prepped to go out to customers. The letter says that an unauthorized person accessed “a file stored on servers owned and managed by a T-Mobile supplier.”
“This file contained personal information, including name, address, Social Security number and/or Driver’s License number,” it continues. “Although we believe the primary goal of the access was to obtain credit card numbers (which were not included in the file), the information that was accessible could also potentially be misused. Our supplier has taken immediate measures to secure the impacted servers.”
The letter also says that the breach was discovered back in November—and customers are only getting letters about it now. Which, you know, is not very good. The CSO Online post asks the obvious question as to why there’s such a delay, and, well, that’s a damn good question. The good news for T-Mobile customers is that, from the sound of the letter, the breach was restricted to one location, presumably in California (the origin of the form letter). That means the majority of the carrier’s customers don’t have to worry too much, but it is troubling that it could happen at all.
The letter also provides recipients with a year’s worth of ProtectMyID Elite from Experian, which will supposedly protect the owner’s data from further security breaches. All in all, that’s a solid response and decent enough restitution for what has the potential to be a pretty nasty security breach. But again, it’s tough to get over the long lag time between the November discovery and notifying customers two months later. I’m still happy I made the switch to the un-carrier—but I’m a bit less enthusiastic than I was yesterday. And you can forget getting me for your crazy bank. PASS.
(This post has been updated to reflect the date of the original source.)