Author: Reza Rafati, Malware Research Analyst, RedSocks B.V.
T-Mobile is one among many companies being targeted by hackers in recent times. Reportedly, T-Mobile USA became a victim of an incredible hack which resulted in the theft of 15 million T-Mobile customer records including Social Security numbers, addresses, customer names, birthdays as well as sensitive identification numbers.
Social security number, addresses and phone numbers
The criminal(s) responsible for the cyber-attack on T-Mobile can use the acquired information to generate revenue utilizing various methods. The most predominant step the cyber-criminal(s) can take is to sell the acquired information to (malicious) third-parties. The latter can use this information for a number of criminal activities including identify theft.
Steps T-Mobile customers should take
The T-Mobile hack has a tremendous impact on customers of T-Mobile in the United States. In order to minimize negative effects of this hack on your personal life, we strongly urge you to take the following steps immediately:
Change your T-Mobile password to a passphrase.(a sequence of words or other text used to control access to a computer system)
Stay on high alert for any “weird” or out of the ordinary phone calls and text messages. (You might be targeted in a phishing attack)
Change the passwords of all other platforms on which you used the same password as T-Mobile.
Inform your bank about the fact that your sensitive information might have been compromised during the T-Mobile hack. Ask the bank for feedback related to future steps you should take to enforce the security status of your personal belongings.
Steps corporations should take to minimize the damage resulting from hacks
Corporations will always be targeted by hackers in order to acquire customer and corporate data. Fortunately, actions can be taken in order to make it difficult for hackers to penetrate the security your system including:
- Using advanced passwords
- Using secure connections (VPN)
- Two-factor authentication
- Anti-malware software/ hardware
- Use encryption
No matter how secure your system is, hackers will always be able to access it if given enough time. It is pivotal to be able to detect when your security has been compromised as soon as possible in order to minimize the damage being done by cyber-criminals. Advanced detection systems, such as the RedSocks Threat Defender are able to detect hackers and compromised systems within hours. This will allow for minimal customer data being stolen when your system is hacked. With relation to online systems, it’s a question of when, not if it will be hacked.