Dive Brief:
- T-Mobile is the latest in a long list of breached companies: last week, its cybersecurity team discovered "unauthorized access to certain information." T-Mobile reported 3% of its 77 million customers, about 2.31 million customers, were impacted, the company told CIO Dive in a statement.
- Affected customers had names, billing zip codes, phone numbers and email addresses exposed, in addition to some account numbers, according to the announcement. The company said no financial data was compromised.
- T-Mobile publicly announced the incident Thursday, just days after the breach was identified. "This was quickly discovered and shut down. There's no ongoing risk," according to T-Mobile.
Dive Insight:
No matter what security controls are in place, some incidents are difficult to prevent. If companies assume security incidents are inevitable, quick work to remediate impact can help save a company's reputation and maintain customer loyalty. Operating under the assumption of when, not if, a company will suffer a data breach ensures corporate stakeholders always have a response strategy.
This is not T-Mobile's first rodeo with a data breach. In September 2015, the company's vendor Experian discovered an "unauthorized party" accessed T-Mobile data housed on its server. The 2015 breach was ongoing, impacting customers from Sept. 2013 through Sept. 2015.
Far more severe than the latest incident, the 2015 data breach exposed sensitive personal customer information, including names, addresses, Social Security numbers and identification numbers, which included driver's license numbers, military IDs or passport numbers.
Security shortcomings have become so routine it is difficult to remain clued in to the seriousness of an incident. Data breaches are merely stacked up against one another for experts to muse over which is worse and how many more people are impacted.
"People are too jaded, frankly," said Avivah Litan, VP and distinguished analyst at Gartner, in an interview with CIO Dive. "These breaches are very serious if even it's not [personally identifiable information] data" exposed.
Unless 150 million records are compromised, "we don't get upset about it," said Litan.
Companies are also quick to hide behind security audits and controls. But just because companies are compliant doesn't necessarily mean they are secure, according to Litan. "We can't expect audits to catch everything and we hide behind audit safety."