After a recent cyber attack on T-Mobile U.S. Inc. that exposed the personal information of more than 53 million users, Massachusetts attorney general Maura Healey announced that she would begin investigations into the matter.
The breach exposed names, birthdays, social security numbers, driver’s license numbers, PIN codes, and numerous other counts of data. In total, an estimated 13 million current and 40 million former and prospective T-Mobile users were exposed.
This is only one of many cyber attacks that have occurred over the course of the last year. There were breaches in cybersecurity everywhere from the banking industry, to gas pipelines, and the food industry.
T-Mobile has released a statement saying that the breach didn’t expose any customer’s financial, credit card, or other payment information, but that doesn’t quell the fears that customers are losing all their privacy.
T-Mobile’s CEO Mike Sievert said that the company’s investigation into the breach was “substantially complete”, while they continue cooperation with law enforcement. He apologized for the hack and announced they hired Mandiant – a cyber security company – in the hopes that they can shore up their cyber defenses.
I want to assure you that our @TMobile team is doing their best to get answers to your questions about our recent cyberattack. As our investigation continues, we've launched a website dedicated to providing you more information and details on how we're working to protect you.
— Mike Sievert (@MikeSievert) August 18, 2021
Attorney General Healey plans to investigate whether or not the company had proper safeguard measures in place to protect customers’ information and mobile devices.
But who was responsible for the attack?
John Binns, a 21-year-old American living in Turkey fessed up and claimed responsibility for the attack in an interview with The Wall Street Journal. He stated that he committed the hack in part for the attention, but also called out the phone company for their awful security.
He also declined to admit whether or not he’d sold any of the data, or whether he worked alone or with a partner.
Unfortunately, once your personal data has been compromised, there is really no “getting it back”. What is most important is keeping tabs on it and ensuring that you have protections in place to protect your identity from theft.
