T-Mobile Security and the Equifax Hack

thefrostking

    I just got off the phone with a T-Mobile support rep and a Tech expert  did not have answers as to how our accounts can be further secured after the Equifax hack.

     

    The Equifax hack is a bigger deal than others because this time names, addresses, SSNs, and driver licenses were stolen, not simple stuff like emails and credit cards.

     

    Nothing is stopping somebody from calling up with up with my name and sovial, switching an active SIM card to one owned by the malicious person and then bypassing two-factor authentication (on my banks, social networks, etc) because my phone number has been changed to a new device.

     

    This is needs to be brought to T-Mobile’s attention.

      All replies

      • gramps28

        Re: T-Mobile Security and the Equifax Hack

        I'm sure the higher ups are devising a plan and the lower level tier support reps just aren't informed yet.

        • tmo_mike_c

          Re: T-Mobile Security and the Equifax Hack

          Hey thefrostking, I completely understand where you're coming from, and this is very important to T-Mobile. If you are concerned about if you're information you can check the Equifax website to check into this. As for your T-Mobile account, we recommend that you create a password to help give it some extra protection (if you don't have one set up already). T-Mobile is aware of the Equifax breach and we do have measures in place to protect your account as well as report any suspicious activity to the right people.

          1 of 1 people found this helpful
          • barcodeable

            Re: T-Mobile Security and the Equifax Hack

            I have done the password protection on my tmobile account several months ago as tmo_mike_c  suggested. And each time i have called to ask about my account, even when I sought out help using the expertise of T-Force via Twitter, the tmobile rep all asked to verify my secured password. I have done this because I didn't want someone claiming to be me and make changes to my account. I know there isn't a 100% way to prevent someone for getting into my account, but I feel a little bit at ease for this added security measure.

            • barcodeable

              Re: T-Mobile Security and the Equifax Hack

              I will try that next time

               

              If i am able to get into my account with only the last 4 of my social... I don't see any point in adding a separate password for added security. It's very much like locking your front door but putting a spare key under the doormat

              • thefrostking

                Re: T-Mobile Security and the Equifax Hack

                That’s what makes this hack so serious. Many services, banks especially, use your social in order to identify you or provide access to an inaccessible account.

                  • gramps28

                    Re: T-Mobile Security and the Equifax Hack

                    And most banks have a set protocol when calling or trying to access the bank on line

                    from a different computer.

                     

                    When I got my new tablet and accessed my bank account and credit cards I had to verify my account information

                    with security questions.

                     

                    Also I have a very common name and with a security breach being common place these days I'm not going to go all

                    Chicken Little about the sky is falling.

                  • barcodeable

                    Re: T-Mobile Security and the Equifax Hack

                     

                    This is a serious issue. I am concerned with someone havking into my bank accounts and using the little money I have. I live paycheck to paycheck so if someone hack into my bank account and use more than $25 bucks would start a domino effect of bounced checks My primary concern is someone hacking into my T-Mobile account and migrating my Simple Choice Promo Plan to the T-Mobile ONE Plan  Noooooooooo!!!!! Take the money out of my bank account, but leave my Simple Choice Plan alone.

                    • 360-540-4898

                      Re: T-Mobile Security and the Equifax Hack

                      I hope that someone is not already trying to get into t-mobile accounts from this Equifax hack just recently, like last year after the Experian Hack.  Oddly around the time t-mobile was putting up a redesigned website, and their site was down around the 12th of September 2017 for quite a while either through their website, or the t-mobile smartphone app.  I thought that was weird, because i was trying to pay my bill that day.  So, I tried to login on September 13, 2017, but i was unable to login with my password, that is stored in a password manager.  So, i called t-mobile, and of course, I told them i was unable to login to my account now, and then, they had to reset my password, which i never changed.  Most people would think, hey you just forgot your password, it's your fault.  Well, i had to reset my password, and was able to get logged on ok, no problem, and stored the new password in my password manager.

                       

                      Here's where it gets strange.  Received an e-mail from t-mobile on September 20, 2017 around 10:04 PM PST (not phishing e-mail, I verified the header.) and it said that basically my password was just reset.  So, I called t-mobile within 4 minutes of getting that e-mail, and then I got someone very quickly on support.  I told him the issue with my t-mobile account, and the e-mail that i received, and he said that he could see no issues with my account, but he would report the incident.  So, i tried to login, and their web interface said my password was now expired.  Again, I had to change my password, and now, I'm back in ok.  Very strange that i get a message my password was reset only  7 days after I'd already set my password, which is stored in a secure password manager, and when i try to login, it says my password is expired..

                       

                      Just watch out, something seems very wrong. I wonder if there's more to this, and this is happening to a lot of other t-mobile users right now.

                       

                      Don't forget to put a security freeze on your credit history through Experian, Equifax, & Transunion.

                      • barcodeable

                        Re: T-Mobile Security and the Equifax Hack

                        You are correct, I remember the same "website down" I was unable to logon eventhough i entered in my password correctly.

                        Usually when someone hack into businesses and compromises the data... the business admits that they may have been hacked, but they won't come forward with the truth about being hacked until about 6 months after the fact

                        • gloria365218

                          Re: T-Mobile Security and the Equifax Hack

                          On 11/17 at around 3pm someone hacked into my tmobile account and added a new line to my tmobile family plan.  We only got a text notifying us of this at 4pm on 11/18.  At around 6pm on 11/17 we got a text on the main phone on the family program. The text had a PIN, and a second text said that the sim card had been disabled. Immediately after that the service on the main phone stopped.  We called T-mobile and the person that took the call couldn't figure out was going on (at that time we didn't know that another line had been added).  He said that our sim card stopped working and that we had to get a new one at one of their stores.  The following morning I checked my email and saw three emails from our credit card company.  The first one with a fraud a alert, and the other two thanking me for reaching out to clarify and approve the charges--which obviously I never did.  I called the credit company and they told me that someone tried to buy $4,8k worth stuff at Best Buy using apple pay, but they declined the charges because these seemed like fraud, but shortly after being declined they got a call from someone that claimed to be me, and using my phone line (which at that time had stopped working for us) were able to convince the credit card company that I was the person calling.  Even though that phone number is not registered with the credit card company, they apparently checked public records to see that the phone number had my name associated with it, and then send a text message to that phone with a password, which the person controlling my phone read back and successfully convinced the credit card that it was me calling.  I don't understand how this person was able to take control of my phone line and receive text messages and make calls.  After the credit card company "verified" the identity they approved the charge.  We've of course filed fraud complaints with t-mobile and the credit card, but any advice on what else we should do would be appreciated.

                          1 of 1 people found this helpful
                            • jegger79@gmail.com

                              This happened to me today. They were able to deactivate my sim card and activate a new one. While I was running round and trying to get to T-Mobile store to fix, they were able to get into 2 of my bank accounts and transfer money out. Total negligence/incompetence on T-Mobile's part because I had called just this morning to make sure my account was secure because had seen suspicious activity on a separate CC. I set up a passcode too. When I called T-mobile this evening, they couldn't tell me how someone was able to change my SIM card.