T-Mobile CEO Apologizes for Data Breach, Shares Info on Future Security Plans

by

T-Mobile CEO Mike Sievert today penned a letter to T-Mobile customers apologizing for the recent data breach that impacted more than 50 million current, former, and prospective T-Mobile users.

tmobilelogo
Data that included names, phone numbers, addresses, birth dates, social security numbers, driver's license and ID info, IMEI numbers, and IMSI numbers was stolen and has been offered for sale.

"We didn't live up to the expectations we have for ourselves to protect our customers," wrote Sievert. "Knowing that we failed to prevent this exposure is one of the hardest parts of this event. On behalf of everyone at Team Magenta, I want to say we are truly sorry."

He went on to say that T-Mobile is "disappointed and frustrated" and that keeping customer data safe is a responsibility that is taken "incredibly seriously." Preventing attacks is a "top priority" for the company.

The hacker who claims to have attacked T-Mobile's servers yesterday said that T-Mobile's security is "awful." The hacker said that he discovered an unprotected T-Mobile router in July and used that to access T-Mobile's data center in Washington, where he was able to get in using stored credentials.

Sievert said that T-Mobile is coordinating with law enforcement on a criminal investigation, and that the company is unable to disclose specific details at this time.

What we can share is that, in simplest terms, the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.

T-Mobile has now notified every current T-Mobile customer about the data breach, and is working to notify former and prospective customers. Those affected can visit T-Mobile's website dedicated to the attack, which provides tools for signing up for free McAfee ID Theft Protection, setting up Scam Shield, and using the Account Takeover Protection service.

In an attempt to prevent future attacks, T-Mobile has entered long-term partnerships with cybersecurity experts at Mandiant and with consulting firm KPMG LLP. T-Mobile is planning a multi-year investment into beefing up its security.

Tag: T-Mobile

Popular Stories

ios 18 4 carplay

Apple Upgrades CarPlay in Two Ways

Wednesday March 12, 2025 6:05 am PDT by
The upcoming iOS 18.4 update for the iPhone includes a smaller but meaningful improvement for Apple's in-car iPhone mirroring system CarPlay. Specifically, CarPlay now shows a third row of icons, up from two rows previously. However, this change is only visible in vehicles with a larger center display. For example, a MacRumors Forums member noticed the change in a Toyota Tundra with a...
Read Full Article53 comments
Apple More Personal Siri Ad

John Gruber Says 'Something is Rotten' at Apple

Wednesday March 12, 2025 7:39 pm PDT by
Daring Fireball's John Gruber today shared some strongly-worded comments about Apple's delayed personalized Siri features. Gruber is a well-known Apple pundit who has been writing about the company for more than two decades. In a blog post titled "Something Is Rotten in the State of Cupertino," Gruber said Apple's credibility has been "damaged" by the delay:Keynote by keynote, product by...
Read Full Article598 comments
Apple Maps vs Google Maps Feature

iOS 18.4 Adds a Highly-Requested Setting to iPhones — But Not in U.S.

Wednesday March 12, 2025 1:05 pm PDT by
iPhones are finally getting a much-requested setting, but availability is limited. The upcoming iOS 18.4 update introduces an option to set a default navigation app, other than Apple Maps, but unfortunately this new setting is limited to users in the EU. There, you can now set an app like Google Maps or Waze as your default navigation app on the iPhone by opening the Settings app and tapping ...
Read Full Article112 comments
airpods pro 2 gradient

AirPods Pro 3 Launch Now Just Months Away: Here's What We Know

Tuesday March 11, 2025 3:26 am PDT by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as excellent for...
Read Full Article46 comments
Generic iOS 19 Feature Mock Light

iOS 19 Will Bring Biggest Design Overhaul Since iOS 7

Monday March 10, 2025 12:17 pm PDT by
Apple is planning for a major design overhaul of the iPhone, iPad, and Mac interfaces with the introduction of iOS 19, iPadOS 19, and macOS 16 later this year, reports Bloomberg. The update will "fundamentally change" the look of Apple's operating system, introducing a more consistent cross-platform experience. Apple plans to update the style of icons, menus, apps, windows, and system...
Read Full Article257 comments
iPhone 17 Pro Render Front Page Tech

iPhone 17 Pro Machined Parts Leak Reflects Camera Redesign Rumors

Thursday March 13, 2025 3:07 am PDT by
Apple's upcoming iPhone 17 Pro models are expected to feature a significant design overhaul, and a new image apparently taken on an assembly line for the unreleased devices appears to confirm the biggest rumored change. Render of an iPhone 17 Pro model shared by Jon Prosser The iPhone 17 Pro and iPhone 17 Pro Max are rumored to adopt a horizontal camera bar reminiscent of Google's Pixel...
Read Full Article85 comments
Sad Siri Feature

Kuo: Apple Knows Apple Intelligence is 'Underwhelming' and Won't Drive iPhone Upgrades

Thursday March 13, 2025 9:32 am PDT by
The Apple Intelligence features that Apple introduced with iOS 18 are not pushing people to upgrade their iPhones, Apple analyst Ming-Chi Kuo reiterated today. Apple's recent Siri failures are also going to have an impact on 2025 iPhone shipments, which the market is beginning to realize. As early as last July, Kuo said expectations that Apple Intelligence could drive iPhone upgrades were...
Read Full Article289 comments
iOS 18

12 New Things Your iPhone Can Do in iOS 18.4

Monday March 10, 2025 9:28 am PDT by
Apple is set to release iOS 18.4 in early April, bringing further refinements to Apple Intelligence features, a neat new capability to iPhone 15 Pro devices, new emoji, and more. While not quite as packed with new features as Apple's preceding iOS 18 point releases, iOS 18.4 still introduces enhancements that aim to make your iPhone smarter and more intuitive. Below, we've listed 12 new...
Read Full Article33 comments
macOS 16 visionOS Inspired

Major macOS 16 Redesign to Bring Biggest Changes Since Big Sur

Wednesday March 12, 2025 2:28 am PDT by
Apple is planning a radical redesign of macOS with version 16, and it could be the most significant visual refresh since macOS Big Sur was introduced in 2020, according to Bloomberg. MacRumors concept render The upcoming Mac operating system will reportedly be part of Apple's sweeping effort to create a more consistent interface across all of its platforms, including iPhone, iPad, and Apple...
Read Full Article

Top Rated Comments

benh911f Avatar
benh911f
46 months ago
I hate when these companies release statements after the fact saying how important keeping customer info safe and secure is. Just so disingenuous when it clearly isn’t important to them at all.
Score: 25 Votes (Like | Disagree)
velocityg4 Avatar
velocityg4
46 months ago
T-Mobile: We're now upgrading to Windows 98 and installing Norton Utilities. Plus enforcing four digit numerical passwords for all administrators. Everything should be good now.
Score: 24 Votes (Like | Disagree)
nutmac Avatar
nutmac
46 months ago
All empty words.

T-Mobile should minimally implement:

* Non-SMS 2FA: Integrate with more secure 3rd party SSO like Apple or Google, and allow customers to use only RFC-6238 without the SMS fallback.
* Automated PIN Entry: Currently, T-Mobile representative asks customers to recite the PIN. A bank teller would never ask for your PIN. The entry should be done by an automated system.
* Close the Backdoors: T-Mobile representative can bypass the PIN and reset it with easily hacked info like social security number and mother's maiden name. Resetting them should require third party knowledge-based authentication service.
* Data minimization: Do not store sensitive info like social security number, birthdate, and driver's license. Customers should be required to enter these information whenever T-Mobile needs to pull credit report.
* Data retention: When a customer leaves, encrypt and archive their data to entirely separate system that requires more stringent access control. And allow customers to delete them indefinitely.
Score: 12 Votes (Like | Disagree)
Think|Different Avatar
Think|Different
46 months ago
I mean, I could switch but, these days, whoever I switched to could have the same thing happen during the first week. This stinks and is unacceptable but I can’t say it’s an obvious decision to ditch them.
Score: 6 Votes (Like | Disagree)
justperry Avatar
justperry
46 months ago
[HEADING=2]Apologizes Until it happens again...and again...and yet again.[/HEADING]
Score: 5 Votes (Like | Disagree)
mapsdotapp Avatar
mapsdotapp
46 months ago
T-Mobile does have terrible security, even from a consumer’s perspective. They support TOTP tokens for two-factor authentication, but even if one enables it you can still use SMS as a fallback. This defeats the whole point as SMS has known vulnerabilities and is deprecated as a 2FA measure by NIST. Oh and by the way, your Apple ID has this vulnerability too. Hope your phone number is secure.
Score: 4 Votes (Like | Disagree)
Read All Comments