T-Mobile confirms SIM swapping attacks led to breach

This caps a rough year for the carrier after multiple data breaches.
Written by Jonathan Greig, Contributor

T-Mobile has confirmed a data breach that was caused in part by SIM swapping attacks, according to a statement from the company.

The T-Mo Report, a blog tracking T-Mobile, obtained internal reports showing that some data was leaked from a subset of customers. 

Some individuals had their customer proprietary network information (CPNI) leaked, which includes information about a customer's plan, the number of lines, the phone numbers, the billing account, and more. Others had their SIMs swapped. 

Some were victims of both the CPNI leak and the SIM swaps.

When pressed for comment by ZDNet, T-Mobile refused to go into detail about the attack and would not say how many customers were affected in the incident.

"Our people and processes worked as designed to protect our customers from this type of attempted fraud that unfortunately occurs all too frequently in our industry," a T-Mobile representative said in response to questions from ZDNet. 

The company told CNET and Bleeping Computer that it sent notices to "a small number of customers" who were dealing with SIM swapping attacks, calling the attacks "a common industry-wide occurrence."

A T-Mobile representative tweeted to say the company "is taking immediate steps to help protect all individuals who may be at risk from this cyberattack." 

The company experienced a massive data breach in August that exposed sensitive information from over 50 million current, former, and prospective customers. This included names, addresses, social security numbers, driver's licenses, and ID information. 

T-Mobile users have long criticized the carrier for its lackluster support for SIM swapping victims. The company has repeatedly announced SIM swapping attacks and data breaches since 2018. 

Editorial standards