T-Mobile data breach FAQ: What happened, how it affects you, and what you should do now
Multi tool use
Close Ad
document.write('
consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-superstitial", "true");
$('#gpt-superstitial').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-superstitial [971 1115]");
catch (exception)
console.log("Error with IDG.GPT: " + exception);
);
Close Ad
document.write('
Close Ad
Subscribe
▲
Learn more about PCWorld's Digital Editions
Home
Subscribe
▲
Learn more about PCWorld's Digital Editions
Home
Subscribe
▲
Learn more about PCWorld's Digital Editions
Subscribe
▲
Learn more about PCWorld's Digital Editions
Subscribe
▲
Learn more about PCWorld's Digital Editions
Learn more about PCWorld's Digital Editions
Home
consent.ads.queue.push(function()
$.getScript( "//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" )
.done(function( script, textStatus )
//need to add && publisherConsents.gdprApplies back to the end of this conditional after testing
if (!consent.personalization && consent.isEU)
(adsbygoogle=window.adsbygoogle
else ).push();
console.log('*****GDPR: loaded adsense in normal mode');
)
.fail(function( jqxhr, settings, exception )
console.log( "Triggered ajaxError handler." );
);
);
T-Mobile data breach FAQ: What happened, how it affects you, and what you should do now
try
performance.mark("mark_headline_rendered");
catch(e)
console.log("Error saving performance mark -- this function may not be supported in this browser");
T-Mobile shut it down quickly but says millions of customers may have been affected.
var isValidEmailAddress = isValidEmailAddress || function(emailAddress)
var pattern = new RegExp(/^[+a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+.[a-zA-Z]2,5$/i);
return pattern.test(emailAddress);
;
function encodeQueryData(params)
var ret = ;
for (var paramKey in params)
ret.push(encodeURIComponent(paramKey) + "=" + encodeURIComponent(params[paramKey]));
return ret.join("&");
function bindEmailModal()
$('#emailModal').on("click",".close-btn",function(event)
event.preventDefault();
$('#emailModal').hide();
$("#emailModal .eml-friend").show();
$(".eml-friend-success").hide();
$(".eml-friend-error").hide();
$('#emailModal').fadeOut(200);
$('#email-to').val('');
$('#email-from').val('');
$('#name').val('');
$('#personalization').val('');
$('#eml-from-address-message').html("");
$('#eml-to-address-message').html("");
$('#eml-friend-captcha-message').html("");
);
$('#emailModal').on("submit","form",function(event)
event.preventDefault();
var $form = $(this);
var action = $form.attr('action');
var formData = $form.serialize();
var emailFrom = $('#email-from').val();
var emailTo = $('#email-to').val();
var uresponse=$('#g-recaptcha-response').val();
$('#eml-from-address-message').html("");
$('#eml-to-address-message').html("");
$('#eml-friend-captcha-message').html("");
if (isValidEmailAddress(emailFrom) && isValidEmailAddress(emailTo) && uresponse !="")
// eloqua
$.ajax(action,
type: 'POST',
data: formData,
success: function(data, textStatus, xhr)
$("#emailModal .eml-friend").hide();
$(".eml-friend-success").fadeIn(800);
,
error: function(xhr, textStatus, errorThrown)
$("#emailModal .eml-friend").hide();
$(".eml-friend-error").fadeIn(800);
);
else
if(uresponse=="")
$('#eml-friend-captcha-message').html("Please verify you're not a robot!");
if(!isValidEmailAddress(emailTo))
$('#eml-to-address-message').html("Please enter a valid email address.");
if(!isValidEmailAddress(emailFrom))
$('#eml-from-address-message').html("Please enter a valid email address.");
);
//bindEmailModal() end
$(document).ready(function()
$(document).on("click","#email-icon",function(event)
event.preventDefault();
bindEmailModal();
$('#emailModal').fadeIn(800);
);
);
Thank you
Your message has been sent.
Sorry
There was an error emailing this page.
By Michael Simon
Staff Writer,
PCWorld |
Aug 24, 2018 6:44 PM
PT
consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-leaderboard", "true");
$('#gpt-leaderboard').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-leaderboard [971 1115]");
catch (exception)
console.log("Error with IDG.GPT: " + exception);
);
consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-leaderboardmobile", "true");
$('#gpt-leaderboardmobile').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-leaderboardmobile [971 1115]");
catch (exception)
console.log("Error with IDG.GPT: " + exception);
);
try
performance.clearMarks("mark_primary_img_rendered");
performance.mark("mark_primary_img_rendered");
catch(e)
console.log("Error saving performance mark -- this function may not be supported in this browser");
Magdalena Petrova
What to do after a data breach: 5 steps to minimize risk
T-Mobile will reportedly sell the OnePlus 6T, which is great… for everyone but...
Details on AT&T's newly revamped streaming TV service
Video
What you need to know about Meltdown and Spectre
consent.ads.queue.push(function()
if($(window).width() >= 930)
IDG.GPT.addDisplayedAd("gpt-showcase", "true");
$('#gpt-showcase').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-showcase - [971 1115]");
);
consent.ads.queue.push(function()
IDG.GPT.addDisplayedAd("inread", "true");
IDG.GPT.displayGoogleTagSlot('inread');
);
- When did the attack take place?
- Who implemented the attack?
- How did they break in?
- How many people are affected?
- What did they take?
- Was any credit card information obtained?
- What about my password?
- Social Security number?
- How do I know if my information was included in the hack?
- What do I do if I receive a text message?
var dataLayer = window.dataLayer = window.dataLayer || ;
dataLayer.push(
'event': 'loadInArticleToc'
);
$(document).ready(function() {
$('.articleBloxAd').filter( ":visible" ).each(function(index, item) {
var id = $(item).attr('id');
var divClass = $(item).attr('class');
var adString = IDG.GPT.getLazyAdCode();
$(item).replaceWith("
var isValidEmailAddress = isValidEmailAddress || function(emailAddress)
var pattern = new RegExp(/^[+a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+.[a-zA-Z]2,5$/i);
return pattern.test(emailAddress);
;
function encodeQueryData(params)
var ret = ;
for (var paramKey in params)
ret.push(encodeURIComponent(paramKey) + "=" + encodeURIComponent(params[paramKey]));
return ret.join("&");
function bindEmailModal()
$('#emailModal').on("click",".close-btn",function(event)
event.preventDefault();
$('#emailModal').hide();
$("#emailModal .eml-friend").show();
$(".eml-friend-success").hide();
$(".eml-friend-error").hide();
$('#emailModal').fadeOut(200);
$('#email-to').val('');
$('#email-from').val('');
$('#name').val('');
$('#personalization').val('');
$('#eml-from-address-message').html("");
$('#eml-to-address-message').html("");
$('#eml-friend-captcha-message').html("");
);
$('#emailModal').on("submit","form",function(event)
event.preventDefault();
var $form = $(this);
var action = $form.attr('action');
var formData = $form.serialize();
var emailFrom = $('#email-from').val();
var emailTo = $('#email-to').val();
var uresponse=$('#g-recaptcha-response').val();
$('#eml-from-address-message').html("");
$('#eml-to-address-message').html("");
$('#eml-friend-captcha-message').html("");
if (isValidEmailAddress(emailFrom) && isValidEmailAddress(emailTo) && uresponse !="")
// eloqua
$.ajax(action,
type: 'POST',
data: formData,
success: function(data, textStatus, xhr)
$("#emailModal .eml-friend").hide();
$(".eml-friend-success").fadeIn(800);
,
error: function(xhr, textStatus, errorThrown)
$("#emailModal .eml-friend").hide();
$(".eml-friend-error").fadeIn(800);
);
else
if(uresponse=="")
$('#eml-friend-captcha-message').html("Please verify you're not a robot!");
if(!isValidEmailAddress(emailTo))
$('#eml-to-address-message').html("Please enter a valid email address.");
if(!isValidEmailAddress(emailFrom))
$('#eml-from-address-message').html("Please enter a valid email address.");
);
//bindEmailModal() end
$(document).ready(function()
$(document).on("click","#email-icon",function(event)
event.preventDefault();
bindEmailModal();
$('#emailModal').fadeIn(800);
);
);
Thank you
Your message has been sent.
Sorry
There was an error emailing this page.
Thank you
Your message has been sent.
Sorry
There was an error emailing this page.
To
Use commas to separate multiple email addresses
From
Privacy Policy
Thank you
Your message has been sent.
Sorry
There was an error emailing this page.
By Michael Simon
Staff Writer,
PCWorld |
Aug 24, 2018 6:44 PM
PT
By Michael Simon
Staff Writer,
PCWorld |
Aug 24, 2018 6:44 PM
PT
consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-leaderboard", "true");
$('#gpt-leaderboard').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-leaderboard [971 1115]");
catch (exception)
console.log("Error with IDG.GPT: " + exception);
);
consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-leaderboard", "true");
$('#gpt-leaderboard').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-leaderboard [971 1115]");
catch (exception)
console.log("Error with IDG.GPT: " + exception);
);
try
performance.clearMarks("mark_primary_img_rendered");
performance.mark("mark_primary_img_rendered");
catch(e)
console.log("Error saving performance mark -- this function may not be supported in this browser");
Magdalena Petrova
What to do after a data breach: 5 steps to minimize risk
T-Mobile will reportedly sell the OnePlus 6T, which is great… for everyone but...
Details on AT&T's newly revamped streaming TV service
Video
What you need to know about Meltdown and Spectre
What to do after a data breach: 5 steps to minimize risk
T-Mobile will reportedly sell the OnePlus 6T, which is great… for everyone but...
Details on AT&T's newly revamped streaming TV service
Video
What you need to know about Meltdown and Spectre
consent.ads.queue.push(function()
if($(window).width() >= 930)
IDG.GPT.addDisplayedAd("gpt-showcase", "true");
$('#gpt-showcase').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-showcase - [971 1115]");
);
consent.ads.queue.push(function()
IDG.GPT.addDisplayedAd("inread", "true");
IDG.GPT.displayGoogleTagSlot('inread');
);
- When did the attack take place?
- Who implemented the attack?
- How did they break in?
- How many people are affected?
- What did they take?
- Was any credit card information obtained?
- What about my password?
- Social Security number?
- How do I know if my information was included in the hack?
- What do I do if I receive a text message?
Update 9:30 p.m. EST: T-Mobile now says “encrypted passwords” were included in the stolen data.
T-Mobile has reported that its cyber-security team “discovered and shut down an unauthorized access to certain information, including yours, and we promptly reported it to authorities.” In plain English, that means someone somewhere may have your personal information. Here’s everything you need to know about what may have been stolen and how to protect your account:
When did the attack take place?
Early in the morning on Monday, August 20, 2018.
Who implemented the attack?
T-Mobile hasn’t identified a specific group, but a company spokesperson told Motherboard that the hackers were part of an “international group.”
How did they break in?
According to Motherboard, the hackers were able to exploit an internal API (application programming interface) on its servers that handled personal information.
How many people are affected?
T-Mobile said more than 2 million people may have had their information stolen, representing about 3 percent of its 75 million-plus customer base.
What did they take?
T-Mobile says the hackers were able to steal:
- Name
- Billing address
- ZIP code
- Phone number
- Email address
- Account number
- Account type (prepaid or postpaid)
Was any credit card information obtained?
T-Mobile says no.
What about my password?
While T-Mobile first denied that any password were stolen as part of the hack, it later amended that statement. Now the company says “encrypted passwords” were among the compromised data. According to Motherboard, the encryption method involved "cryptographic representations of a password."
Social Security number?
Nope, T-Mobile says.
How do I know if my information was included in the hack?
T-Mobile will be sending out text messages to affected customers beginning today. The message will read as follows: Hello—We ID’d & shut down an unauthorized capture of your info. No financial info/SSN taken but some personal info may have been. More: t-mo.co/security
What do I do if I receive a text message?
You don’t have to do anything. T-Mobile has apparently shut down the attack and is confident that no passwords or sensitive financial data was included in the attack. However, you might want to change your T-Mobile password just in case.
How do I change my password?
You can change your T-Mobile password either online or in the mobile app. These are the requirements for new passwords:
- Must be between 8-50 characters
- Must include at least 1 number
- Must include at least 1 letter
- Can't contain spaces
- The last five passwords can't be re-used
What if I don’t receive a text message?
If T-Mobile doesn’t contact you, then the company doesn’t believe your information was compromised.
Is there someone I can call?
You can contact T-Mobile customer service by dialing 611 on your T-Mobile phone to speak with a representative, use two-way messaging on MyT-Mobile.com, the T-Mobile App, or iMessage through Apple Business Chat.
Can I protect my account from this happening again?
Unfortunately, no. This was an attack on T-Mobile's servers, and it's up to the company to beef up security measures to ward off future hacks.
Should I leave T-Mobile?
We wouldn't recommend that, unless you're otherwise unhappy with your service. T-Mobile has acted quickly to shut down the attack, notified authorities, and has been extremely transparent about what happened.
Get PCWorld's Digital Editions
Subscribe Now
Visit other IDG sites:
Select One
CIO
CIO Asia
Computerworld
CSO
Gamestar
Greenbot
IDG Connect
IDG.tv
InfoWorld
IT News
ITworld
JavaWorld
Macworld
Network World
PCWorld
TechHive
The Full Nerd
Copyright © 2018 IDG Communications, Inc.
Get PCWorld's Digital Editions
Subscribe Now
Visit other IDG sites:
Select One
CIO
CIO Asia
Computerworld
CSO
Gamestar
Greenbot
IDG Connect
IDG.tv
InfoWorld
IT News
ITworld
JavaWorld
Macworld
Network World
PCWorld
TechHive
The Full Nerd
Copyright © 2018 IDG Communications, Inc.
Get PCWorld's Digital Editions
Subscribe Now
Select One
CIO
CIO Asia
Computerworld
CSO
Gamestar
Greenbot
IDG Connect
IDG.tv
InfoWorld
IT News
ITworld
JavaWorld
Macworld
Network World
PCWorld
TechHive
The Full Nerd
Copyright © 2018 IDG Communications, Inc.
Clash Royale CLAN TAG#URR8PPP
