OP 11 February, 2023 - 12:25 PM
from the 8-k filing
the api abused by the bad actor does not provide access to any customer payment card information, SSN, TAX, IDs or other government ID numbers ... so none of this information was exposed.
rather, the impacted API is only able to provide a limited set of customer account data, including name, billing address, email, phone number, Dob, T-mobile account number and information such as the number of lines on the account and plan features. The preliminary result from the investigation indicates that the bad actor or actors obtained data from this API for approximately 37 million current postpaid and prepaid customer accounts, though many of these account did not include the full data set.
what do you think about that guys ?
the api abused by the bad actor does not provide access to any customer payment card information, SSN, TAX, IDs or other government ID numbers ... so none of this information was exposed.
rather, the impacted API is only able to provide a limited set of customer account data, including name, billing address, email, phone number, Dob, T-mobile account number and information such as the number of lines on the account and plan features. The preliminary result from the investigation indicates that the bad actor or actors obtained data from this API for approximately 37 million current postpaid and prepaid customer accounts, though many of these account did not include the full data set.
what do you think about that guys ?
![[Image: zJsf0lIk8BGNPkHK.gif]](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fshare.creavite.co%2FzJsf0lIk8BGNPkHK.gif)