T-Mobile is warning that a data breach exposed personally identifiable information (PII) for millions of customers including names, dates of birth, phone numbers, government identification numbers, Social Security numbers and driver’s license/ID information.
Stolen T-Mobile customer records went up for sale in the cybercrime underground within 48 hours after the company’s announcement. Bad actors could potentially use the data to compromise accounts of Washington state residents.
What can agencies do:
- Agencies that use web applications requiring any of the PII that was exposed (I.e., names, dates of birth, Social Security numbers, etc.) should warn users about the T-Mobile data breach.
- Request all customers or former customers to take the steps recommended by T-Mobile to protect themselves.
- Direct users to change their passwords used on the agency web applications and recommend that they monitor their credit and/or bank account information (if applicable) for suspicious transactions.