The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Crooks conduct SIM swapping attacks to take control of victims’ phone numbers tricking the mobile operator employees into porting them to SIMs under the control of the fraudsters. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones.

The exposed information may have included customers’ full name, address, email address, account number, social security number, customer account personal identification number (PIN), account security questions and answers, date of birth, plan information, and the number of lines subscribed associated with the account.

The hackers used an internal T-Mobile application to target up to 400 customers in SIM swap attack attempts, the security breach did not impact business customers.

Impacted T-Mobile customers are recommended to change their password, PIN, and security questions.T-Mobile offers two years of free credit monitoring and identity theft detection services to impacted customers.Unfortunately, this isn’t the first data breach suffered by T-Mobile in the past years.

In 2017, hackers stole some personal information belonging to T-Mobile customers by exploiting a well-known vulnerability.

In May 2018, a flaw in T-Mobile’s website allowed anyone to access the personal account details of any customer by providing their mobile number.

In August 2018, T-Mobile suffered a security breach that exposed the personal information of up to 2 million T-mobile customers.

In November 2019, the US branch of the telecommunications giant T-Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service.

In March 2020, the wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor.

In December 2020, the company disclosed a new data breach that exposed customers’ network information (CPNI), including phone numbers and calls records.