The following alert was published by New York State Attorney General, but it applies to consumers in all states, so if you were a former, then-current, or prospective T-Mobile customer in 2021, you should read this:
NEW YORK – New York Attorney General Letitia James today provided guidance to consumers who may have been impacted by a 2021 T-Mobile data breach, following reports that the stolen information was put for sale on the dark web. Alongside a bipartisan coalition of attorneys general, Attorney General James advised all New York residents who believe they were impacted by the data breach to take appropriate steps to protect their information from identity theft. This comes after several individuals received alerts that their information was circulating online following the August 2021 data breach.
“I have an urgent message for T-Mobile customers and other consumers: Be aware of any misuse of your personal information and follow the guidance provided by my office to protect yourself from identity theft,” said Attorney General James. “Information stolen in a massive data breach has fallen into the wrong hands and is circulating on the dark web. The guidance offered by my office can help prevent identity theft. I advise all New Yorkers to maintain their financial safety by following the guidance my office has laid out. No consumer should have to deal with the devastating realities of identity theft.”
In August 2021, T-Mobile reported a massive data breach compromising the sensitive personal information of millions of current, former, and prospective T-Mobile customers. The breach impacted more than 53 million individuals, including more than 4 million New Yorkers. Among other categories of impacted information, millions had their names, dates of birth, Social Security numbers, and driver’s license information compromised.
Recently, a large subset of the information compromised in the breach was discovered for sale on the dark web — a hidden portion of the Internet where cyber criminals buy, sell, and track personal information. Many individuals received alerts through various identity theft protection services informing them that their information was found online in connection with the breach, confirming that impacted individuals are at heightened risk for identity theft.
Attorney General James urges anyone who believes they were impacted by the T-Mobile breach to take the following steps to protect themselves:
- Monitor your credit. Credit monitoring services track your credit report and alert you whenever a change is made, such as a new account or a large purchase. Most services will notify you within 24 hours of any change to your credit report.
- Consider placing a free credit freeze on your credit report. Identity thieves will not be able to open a new credit account in your name while the freeze is in place. You can place a credit freeze by contacting each of the three major credit bureaus:
- Equifax | https://www.equifax.com/personal/credit-report-services/credit-freeze
+1 (888) 766-0008 - Experian | https://www.experian.com/freeze/center.html
+1 (888) 397-3742 - TransUnion | https://www.transunion.com/credit-freeze
+1 (800) 680-7289
- Equifax | https://www.equifax.com/personal/credit-report-services/credit-freeze
- Place a fraud alert on your credit report. A fraud alert tells lenders and creditors to take extra steps to verify your identity before issuing credit. You can place a fraud alert by contacting any one of the three major credit bureaus.
- Additional Resources. If you believe you are a victim of identity theft, go to identitytheft.gov for assistance on how to report it and recover from it — or contact our office for help by completing and submitting a complaint with the Bureau of Internet and Technology or by calling (800) 771-7755.