The dark web strikes again. A series of seemingly unrelated cyberattacks recently hit two of Europe’s largest telecom companies — T-Mobile and Virgin Media. Even though Virgin Media users’ financial data remains safe for now, plenty of private information, such as names, addresses, and phone numbers have been stolen.
However, T-Mobile had it much worse. The German telecom giant reports that the stolen data included bank account numbers, Social Security Numbers, and other sensitive financial info. For now, both companies are still in the process of damage control. And surprisingly, they do not plan on changing their security policies anytime soon.
In early March, T-Mobile reported that they found signs of unauthorized access to their employees’ email service. According to their report, hackers found their way into the company’s emails, which contained a huge amount of customer data. The stolen data ranges from customer names, addresses, payment rates and data plans, all the way to Social Security Numbers and billing details.
Soon after, T-Mobile sent SMS messages to all users to inform them of the breach. In addition, they granted all users who lost their financial data a free two-year subscription to an identity theft prevention service. On the other hand, customers whose personal info was affected received no such thing.
What’s more, this attack was the second data breach that T-Mobile has seen in the last six months. Namely, the previous data breach affected more than a million users. And they still haven’t released any concrete number of affected users in the current breach.
UK’s Virgin Media claim that they noticed a breach in their marketing database on February 28 and immediately shut it down. They also launched an investigation, which quickly showed that the hackers had access to the system for almost a year! Reportedly, someone at Virgin Media configured the marketing database incorrectly, thereby allowing access to unauthorized users.
During that time, more than 15% of their customers’ data was exposed, which is about 900,000 people. The exposed personal info included names, phone numbers, and home addresses. Fortunately, the affected data didn’t include any billing details or other sensitive financial data.
In light of the breach, Virgin Media quickly issued an apology, along with tips on how to reduce the risk of phishing and identity theft. In addition, they contacted all affected users to inform them of the data leak.