We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

T-Mobile Reports Second Data Breach of 2023

T-Mobile Reports Second Data Breach of 2023
Author Image Husain Parvez
Husain Parvez Published on 4th May 2023 Cybersecurity Researcher

T-Mobile disclosed a cybersecurity breach on Monday, marking its second of the year and 9th since 2018. From February 24th to March 30th, the breach exposed sensitive customer data. As per a notification on the Maine Attorney General's website, a total of 836 customers were affected by this incident.

Although previous data breaches targeting T-Mobile have impacted many more people, such as the breach reported earlier this year that affected 37 million customers, the recent incident is no less concerning. Despite only 836 customers being affected, a significant amount of personal information was exposed, leaving these individuals vulnerable to identity theft and phishing attacks.

"In March 2023, the measures we have in place to alert us to unauthorized activity worked as designed. We were able to determine that a bad actor gained access to limited information from a small number of T-Mobile accounts between late February and March 2023," stated T-Mobile in data breach notification letters sent to those affected. The company has not disclosed the method used by the hacker to access T-Mobile's systems.

Although the exact data exposed in the breach varied for each customer, T-Mobile stated that it could include “full name, contact information, account number and associated phone numbers, T-Mobile accounts PIN, social security number, government ID, date of birth, balance due, internal codes that T-Mobile uses to service customer accounts (for example, rate plan and feature codes), and the number of lines."

T-Mobile clarified that the breach did not result in unauthorized access to personal financial information or call records. However, the personally identifiable information that was exposed could still be sufficient for identity theft.

To mitigate the breach's impact, T-Mobile has proactively reset the account PINs of affected customers. These PINs are used by customers to verify their identity when making account changes. They are also offering two years of free credit monitoring and identity theft protection services (provided by myTrueIdentity) to all impacted individuals.

T-Mobile's recent disclosure of a data breach marks the ninth incident the company has reported since 2018 — this year alone, T-Mobile has already experienced two breaches. This indicates a concerning pattern of security vulnerabilities.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.