T-Mobile data breach FAQ: What happened, how it affects you, and what you should do now

Close Ad

document.write('');
consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-superstitial", "true");
$('#gpt-superstitial').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-superstitial [971 1115]");

catch (exception)
console.log("Error with IDG.GPT: " + exception);

);

Close Ad

document.write('

Close Ad

Subscribe

▲

Learn more about PCWorld's Digital Editions

News

Reviews

How-To

Video

Business

Laptops

Tablets

Smartphones

Hardware

Security
- Privacy
- Encryption
- Antivirus

Software

Gadgets

Resources

Smartphones

Printers

Ultrabooks

Blogs

Viruses

Cameras

Components

Computer Accessories

Consumer Advice

Digital Assistants

Displays

E-readers

Graphics Cards

Hard Drives

Home Theater

Input Devices

Keyboards

Laptop Accessories

Mobile

Networking

Operating Systems

Optical Drives

Processors

Server Hardware

Smartwatches

Streaming Services

Storage

Tablets

Windows

Privacy

Encryption

Antivirus

Subscribe

▲

Learn more about PCWorld's Digital Editions

News

Reviews

How-To

Video

Business

Laptops

Tablets

Smartphones

Hardware

Security
- Privacy
- Encryption
- Antivirus

Software

Gadgets

Resources

Smartphones

Printers

Ultrabooks

Blogs

Viruses

Cameras

Components

Computer Accessories

Consumer Advice

Digital Assistants

Displays

E-readers

Graphics Cards

Hard Drives

Home Theater

Input Devices

Keyboards

Laptop Accessories

Mobile

Networking

Operating Systems

Optical Drives

Processors

Server Hardware

Smartwatches

Streaming Services

Storage

Tablets

Windows

Privacy

Encryption

Antivirus

Subscribe

▲

Learn more about PCWorld's Digital Editions

Subscribe

▲

Learn more about PCWorld's Digital Editions

Subscribe

▲

Learn more about PCWorld's Digital Editions

▲

Home

News

Reviews

How-To

Video

Business

Laptops

Tablets

Smartphones

Hardware

Security
- Privacy
- Encryption
- Antivirus

Software

Gadgets

Resources

Smartphones

Printers

Ultrabooks

Blogs

Viruses

Cameras

Components

Computer Accessories

Consumer Advice

Digital Assistants

Displays

E-readers

Graphics Cards

Hard Drives

Home Theater

Input Devices

Keyboards

Laptop Accessories

Mobile

Networking

Operating Systems

Optical Drives

Processors

Server Hardware

Smartwatches

Streaming Services

Storage

Tablets

Windows

News

Reviews

How-To

Video

Business

Laptops

Tablets

Smartphones

Hardware

Security
- Privacy
- Encryption
- Antivirus

Software

Gadgets

Resources

Smartphones

Printers

Ultrabooks

Blogs

Viruses

Cameras

Components

Computer Accessories

Consumer Advice

Digital Assistants

Displays

E-readers

Graphics Cards

Hard Drives

Home Theater

Input Devices

Keyboards

Laptop Accessories

Mobile

Networking

Operating Systems

Optical Drives

Processors

Server Hardware

Smartwatches

Streaming Services

Storage

Tablets

Windows

Resources

Smartphones

Printers

Ultrabooks

Blogs

Viruses

Cameras

Components

Computer Accessories

Consumer Advice

Digital Assistants

Displays

E-readers

Graphics Cards

Hard Drives

Home Theater

Input Devices

Keyboards

Laptop Accessories

Mobile

Networking

Operating Systems

Optical Drives

Processors

Server Hardware

Smartwatches

Streaming Services

Storage

Tablets

Windows

Privacy

Encryption

Antivirus

Privacy

Encryption

Antivirus

consent.ads.queue.push(function()
$.getScript( "//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" )
.done(function( script, textStatus )
//need to add && publisherConsents.gdprApplies back to the end of this conditional after testing
if (!consent.personalization && consent.isEU)
(adsbygoogle=window.adsbygoogle
else ).push();
console.log('*****GDPR: loaded adsense in normal mode');

)
.fail(function( jqxhr, settings, exception )
console.log( "Triggered ajaxError handler." );
);
);

Updated

T-Mobile data breach FAQ: What happened, how it affects you, and what you should do now

try
performance.mark("mark_headline_rendered");

catch(e)
console.log("Error saving performance mark -- this function may not be supported in this browser");

T-Mobile shut it down quickly but says millions of customers may have been affected.

var isValidEmailAddress = isValidEmailAddress || function(emailAddress)
var pattern = new RegExp(/^[+a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+.[a-zA-Z]2,5$/i);
return pattern.test(emailAddress);
;
function encodeQueryData(params)
var ret = ;
for (var paramKey in params)
ret.push(encodeURIComponent(paramKey) + "=" + encodeURIComponent(params[paramKey]));

return ret.join("&");

function bindEmailModal()
$('#emailModal').on("click",".close-btn",function(event)
event.preventDefault();
$('#emailModal').hide();
$("#emailModal .eml-friend").show();
$(".eml-friend-success").hide();
$(".eml-friend-error").hide();
$('#emailModal').fadeOut(200);
$('#email-to').val('');
$('#email-from').val('');
$('#name').val('');
$('#personalization').val('');
$('#eml-from-address-message').html("");
$('#eml-to-address-message').html("");
$('#eml-friend-captcha-message').html("");
);

$('#emailModal').on("submit","form",function(event)
event.preventDefault();
var $form = $(this);
var action = $form.attr('action');
var formData = $form.serialize();
var emailFrom = $('#email-from').val();
var emailTo = $('#email-to').val();
var uresponse=$('#g-recaptcha-response').val();
$('#eml-from-address-message').html("");
$('#eml-to-address-message').html("");
$('#eml-friend-captcha-message').html("");
if (isValidEmailAddress(emailFrom) && isValidEmailAddress(emailTo) && uresponse !="")
// eloqua

// email
$.ajax(action,
type: 'POST',
data: formData,
success: function(data, textStatus, xhr)
$("#emailModal .eml-friend").hide();
$(".eml-friend-success").fadeIn(800);
,
error: function(xhr, textStatus, errorThrown)
$("#emailModal .eml-friend").hide();
$(".eml-friend-error").fadeIn(800);

);

else
if(uresponse=="")
$('#eml-friend-captcha-message').html("Please verify you're not a robot!");

if(!isValidEmailAddress(emailTo))
$('#eml-to-address-message').html("Please enter a valid email address.");

if(!isValidEmailAddress(emailFrom))
$('#eml-from-address-message').html("Please enter a valid email address.");

);
//bindEmailModal() end

$(document).ready(function()
$(document).on("click","#email-icon",function(event)
event.preventDefault();
bindEmailModal();
$('#emailModal').fadeIn(800);
);
);

By Michael Simon

Staff Writer,

PCWorld |

Aug 24, 2018 6:44 PM
PT

consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-leaderboard", "true");
$('#gpt-leaderboard').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-leaderboard [971 1115]");

catch (exception)
console.log("Error with IDG.GPT: " + exception);

);

consent.ads.queue.push(function()
try
IDG.GPT.addDisplayedAd("gpt-leaderboardmobile", "true");
$('#gpt-leaderboardmobile').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-leaderboardmobile [971 1115]");

catch (exception)
console.log("Error with IDG.GPT: " + exception);

);

consent.ads.queue.push(function()
if($(window).width() >= 930)
IDG.GPT.addDisplayedAd("gpt-showcase", "true");
$('#gpt-showcase').responsiveAd(screenSize:'971 1115', scriptTags: );
IDG.GPT.log("Creating ad: gpt-showcase - [971 1115]");

);

consent.ads.queue.push(function()
IDG.GPT.addDisplayedAd("inread", "true");
IDG.GPT.displayGoogleTagSlot('inread');
);

Table of Contents

When did the attack take place?

Who implemented the attack?

How did they break in?

How many people are affected?

What did they take?

Was any credit card information obtained?

What about my password?

Social Security number?

How do I know if my information was included in the hack?

What do I do if I receive a text message?

var dataLayer = window.dataLayer = window.dataLayer || ;
dataLayer.push(
'event': 'loadInArticleToc'
);

$(document).ready(function() {
$('.articleBloxAd').filter( ":visible" ).each(function(index, item) {
var id = $(item).attr('id');
var divClass = $(item).attr('class');
var adString = IDG.GPT.getLazyAdCode();
$(item).replaceWith("

" + adString + "

Updated

To

Use commas to separate multiple email addresses

From

Thank you

Your message has been sent.

Sorry

There was an error emailing this page.

By Michael Simon

Staff Writer,

PCWorld |

Aug 24, 2018 6:44 PM
PT

By Michael Simon

Staff Writer,

PCWorld |

Aug 24, 2018 6:44 PM
PT

When did the attack take place?

Early in the morning on Monday, August 20, 2018.

Who implemented the attack?

T-Mobile hasn’t identified a specific group, but a company spokesperson told Motherboard that the hackers were part of an “international group.”

How did they break in?

According to Motherboard, the hackers were able to exploit an internal API (application programming interface) on its servers that handled personal information.

How many people are affected?

T-Mobile said more than 2 million people may have had their information stolen, representing about 3 percent of its 75 million-plus customer base.

What did they take?

T-Mobile says the hackers were able to steal:

Name

Billing address

ZIP code

Phone number

Email address

Account number

Account type (prepaid or postpaid)

Was any credit card information obtained?

T-Mobile says no.

What about my password?

While T-Mobile first denied that any password were stolen as part of the hack, it later amended that statement. Now the company says “encrypted passwords” were among the compromised data. According to Motherboard, the encryption method involved "cryptographic representations of a password."

Social Security number?

Nope, T-Mobile says.

How do I know if my information was included in the hack?

T-Mobile will be sending out text messages to affected customers beginning today. The message will read as follows: Hello—We ID’d & shut down an unauthorized capture of your info. No financial info/SSN taken but some personal info may have been. More: t-mo.co/security

What do I do if I receive a text message?

You don’t have to do anything. T-Mobile has apparently shut down the attack and is confident that no passwords or sensitive financial data was included in the attack. However, you might want to change your T-Mobile password just in case.

How do I change my password?

You can change your T-Mobile password either online or in the mobile app. These are the requirements for new passwords:

Must be between 8-50 characters

Must include at least 1 number

Must include at least 1 letter

Can't contain spaces

The last five passwords can't be re-used

What if I don’t receive a text message?

If T-Mobile doesn’t contact you, then the company doesn’t believe your information was compromised.

Is there someone I can call?

You can contact T-Mobile customer service by dialing 611 on your T-Mobile phone to speak with a representative, use two-way messaging on MyT-Mobile.com, the T-Mobile App, or iMessage through Apple Business Chat.

Can I protect my account from this happening again?

Unfortunately, no. This was an attack on T-Mobile's servers, and it's up to the company to beef up security measures to ward off future hacks.

Should I leave T-Mobile?

We wouldn't recommend that, unless you're otherwise unhappy with your service. T-Mobile has acted quickly to shut down the attack, notified authorities, and has been extremely transparent about what happened.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.

Security

T-Mobile

Business

Mobile

Michael Simon covers all things mobile for PCWorld and Macworld. You can usually find him with his nose buried in a screen. The best way to yell at him is on Twitter.

Shop Tech Products at Amazon

Select One
CIO
CIO Asia
Computerworld
CSO
Gamestar
Greenbot
IDG Connect
IDG.tv
InfoWorld
IT News
ITworld
JavaWorld
Macworld
Network World
PCWorld
TechHive
The Full Nerd

Clash Royale CLAN TAG#URR8PPP

A k10h ylKK l5BwzeHMM,0z8tntD0nDgxD5d,siwPQm,MhuFMtU2KPrv8BUzHcaSrtnZ0uFHAdqx

搜尋此網誌

Gtjkyu