Updated

T-Mobile data breach FAQ: What happened, how it affects you, and what you should do now

T-Mobile shut it down quickly but says millions of customers may have been affected.

p1200572
Magdalena Petrova

Update 9:30 p.m. EST: T-Mobile now says “encrypted passwords” were included in the stolen data.

T-Mobile has reported that its cyber-security team “discovered and shut down an unauthorized access to certain information, including yours, and we promptly reported it to authorities.” In plain English, that means someone somewhere may have your personal information. Here’s everything you need to know about what may have been stolen and how to protect your account:

When did the attack take place?

Early in the morning on Monday, August 20, 2018.

Who implemented the attack?

T-Mobile hasn’t identified a specific group, but a company spokesperson told Motherboard that the hackers were part of an “international group.”

How did they break in?

According to Motherboard, the hackers were able to exploit an internal API (application programming interface) on its servers that handled personal information.

How many people are affected?

T-Mobile said more than 2 million people may have had their information stolen, representing about 3 percent of its 75 million-plus customer base.

What did they take?

T-Mobile says the hackers were able to steal:

  • Name
  • Billing address
  • ZIP code
  • Phone number
  • Email address
  • Account number
  • Account type (prepaid or postpaid)

Was any credit card information obtained?

T-Mobile says no.

What about my password?

While T-Mobile first denied that any password were stolen as part of the hack, it later amended that statement. Now the company says “encrypted passwords” were among the compromised data. According to Motherboard, the encryption method involved "cryptographic representations of a password."

Social Security number?

Nope, T-Mobile says.

How do I know if my information was included in the hack?

T-Mobile will be sending out text messages to affected customers beginning today. The message will read as follows: Hello—We ID’d & shut down an unauthorized capture of your info. No financial info/SSN taken but some personal info may have been. More: t-mo.co/security

What do I do if I receive a text message?

You don’t have to do anything. T-Mobile has apparently shut down the attack and is confident that no passwords or sensitive financial data was included in the attack. However, you might want to change your T-Mobile password just in case.

How do I change my password?

You can change your T-Mobile password either online or in the mobile app. These are the requirements for new passwords:

  • Must be between 8-50 characters
  • Must include at least 1 number
  • Must include at least 1 letter
  • Can't contain spaces
  • The last five passwords can't be re-used

What if I don’t receive a text message?

If T-Mobile doesn’t contact you, then the company doesn’t believe your information was compromised.

Is there someone I can call?

You can contact T-Mobile customer service by dialing 611 on your T-Mobile phone to speak with a representative, use two-way messaging on MyT-Mobile.com, the T-Mobile App, or iMessage through Apple Business Chat.

Can I protect my account from this happening again?

Unfortunately, no. This was an attack on T-Mobile's servers, and it's up to the company to beef up security measures to ward off future hacks.

Should I leave T-Mobile?

We wouldn't recommend that, unless you're otherwise unhappy with your service. T-Mobile has acted quickly to shut down the attack, notified authorities, and has been extremely transparent about what happened.

This story, "T-Mobile data breach FAQ: What happened, how it affects you, and what you should do now" was originally published by PCWorld.

  
Shop Tech Products at Amazon