T-Mobile has you burned. Yet again.
After a massive data breach that exposed nearly 50 million users' data to hackers, T-Mobile, a mobile carrier well-known for its litigiousness and magenta hues, is back in the news. T-Mobile doesn't say when or how it will notify the majority of affected customers. We asked repeatedly. It's up you to shut down that digital stable.
T-Mobile posted a blog on Thursday detailing the steps customers should take in order to secure their accounts. Before we get to that, let's not forget the scale and scope of the data that was stolen. Not to mention the chaos that criminals can create with this information.
T-Mobile claims that hackers have gained access to full names, birth dates, social security numbers, driver's licenses and other information for 47.8 millions of current and past postpaid customers. T-Mobile claims that 850,000 additional prepaid customers were affected by the hacker's access to their phone numbers and account pins.
This is bad. Hackers have everything they need to SIM-swap victims' accounts, gaining control over their phone numbers and names. Even worse is the fact that all types of account password resets almost always go to owners' phones. This means that there is a real risk that T-Mobile customers could have their entire social media accounts and bank accounts taken over by T-Mobile.
This concern is one that untold numbers of SIM swap victims have only too late realized.
T-Mobile repeatedly refused to answer our questions about when and how it would notify customers whose data was compromised in the hack. T-Mobile wouldn't give any specific details.
A spokesperson for the company said that they could not add any more information beyond what was in the press release posted last night. "While our investigation continues, we shared our initial findings even though we might learn more facts during our investigation that could cause the details or evolve."
T-Mobile's August 17 press release only states that it will "notify accordingly right away" accounts whose PINs have been stolen. T-Mobile could still leave 47.8 millions victims in the dark, even if it does this.
T-Mobile's recommendations and reasons why they are not enough
T-Mobile's August 19th website was created to help customers navigate through the most recent data breach.
T-Mobile's helpfulness is evident in the two first steps: sign up for an identity theft monitoring system and activate T-Mobile Scan Shield, a free service that offers futuristic cybersecurity tools such as Caller ID.
The blog post states that "We encourage" you to take these actions as soon and as quickly as possible.
T-Mobile offers a service called "Account takeover protection service" for postpaid customers. This is designed to protect against fraudulently porting out or stealing your number (postpaid only). This service may help to protect your account if you are a postpaid customer. For the 850,000 prepaid customers who had their PINs stolen, this security feature is only for postpaid customers.
It won't help the millions of T-Mobile customers who have never had accounts.
T-Mobile also suggests that people "remain vigilant" in order to avoid "phishing" emails.
How to change your TMobile account PIN
If you are a T-Mobile customer, you should change your PIN. This will make it much harder for hackers to SIM swap your phone number if they have your PIN.
To change your T-Mobile PIN:
Log in to your T-Mobile account. Click the MY TIME drop-down menu and select My Profile > Profile information Scroll down. Next to Change PIN, click Edit. Enter your new PIN twice then select Save
SEE ALSO: Why a secret number is necessary (and how you can get one)
That's all. T-Mobile has never done so much to protect you.
