T-Mobile's Latest Security Disaster Is Revealing Personal User Data To Other Customers

Update 9/20/2023: T-Mobile has reached out to SlashGear with a statement regarding this issue. "There was no cyberattack or breach at T-Mobile. This was a temporary system glitch related to a planned overnight technology update involving limited account information for fewer than 100 customers, which was quickly resolved," the company said.

Advertisement

According to T-Mobile customers posting on X (formerly known as Twitter) this morning, account holders are able to view sensitive data from other users' accounts while logged in. That information includes credit card numbers, home addresses, and purchase history of other users. T-Mobile is aware of the issue and suggested on X that customers communicate with the company regarding the snafu via direct messages.

Advertisement

At least one T-Mobile customer also reports being able to view details from multiple other accounts, with the information changing approximately every 15 minutes.

A person associated with the company also posted a message on Reddit to discourage discussing the breach so as to not "exacerbate the issue." Additional information was later added to the subreddit stating that, "So far it appears only a very few accounts are affected. It is likely your own accounts are not affected." Regardless of how many accounts are affected, this latest incident marks the third involving compromised security this year alone for T-Mobile, which recently released a series of affordable (or free) proprietary 5g devices.

This is just the latest in a series of embarrassing breaches

In January, the company announced that personal information was harvested from 37 million customer accounts by a bad actor. Recommendations were made for T-Mobile customers to immediately change their PIN numbers and passwords, as well as monitoring their credit reports for suspicious activity.

Advertisement

As if the optics of the January breach weren't bad enough, a repeat incident occurred in May. Thankfully, only 836 customers were affected in the May occurrence, although actual Social Security numbers may have been compromised. Those impacted were offered free identity theft protection and credit score monitoring for two years, courtesy of T-Mobile.

Note that T-Mobile's security issues this year pale in comparison to a 2021 breach that exposed more than 100 million customers' personal data, such as home address and date of birth, both valuable tidbits for identity thieves. However, unlike prior mishaps, customers involved in the latest debacle are in the unique position of personally witnessing their sensitive information being compromised in real time, as opposed to being notified by the company after the fact.

Advertisement

Recommended

Advertisement