T-Mobile is still investigating its massive data breach from earlier this month, which affected over 54 million people. The breach includes names, driver’s license numbers, Social Security numbers and device identification (IMEI and IMSI) numbers for subscribers, former customers and prospective customers who may have been interested in T-Mobile service at one point. The breach includes customers of Metro by T-Mobile, too. That means almost anyone who’s given their information to T-Mobile could be affected.
T-Mobile’s CEO, Mike Sievert, released a blog post with an update on the cyberattack. “Fortunately, the breach did not expose any customer financial information, credit card information, debit or other payment information.” The wireless carrier is now offering free identity theft protection, advanced spam-blocking, and its Account Takeover Protection service to protect postpaid customers from their phone numbers being stolen. Sievert also mentioned that T-Mobile formed long-term partnerships with Mandiant and KPMG LLP for more cybersecurity expertise.
The company has also reset PINs for all prepaid customers after the exposure of 850,000 accounts, but it’s not enough. The mobile carrier now faces afor the breach. In last Friday’s press release, T-Mobile reported “no indication” that financial data like credit card or other payment information was compromised. The company is still completing its investigation and will notify people whose data was accessed. Right now, there’s no way to tell if you should take additional action, but Sievert confirmed that “there is no ongoing risk to customer data from this breach.”
While the situation develops, you can read our guide to class-action suit against T-Mobile. Here are some things you can do to help secure your sensitive data against any hack, regardless of whether your information has been included in .. We’ll also keep you posted about a possible
Freeze your credit with all three bureaus
One of the first things you should do is put a freeze on your credit. Doing so will prevent anyone with your information from opening a line of credit, or taking out any loans under your name. Freezing your credit won’t take long: You’ll just need to fill out a form with Equifax, and (one from each company) to make the request.
The downside to freezing your credit is that when you want to make certain purchases,, you’ll need to go through the process of briefly removing your credit freeze — and then refreezing once you’re done.
Yes, it’s inconvenient. But the extra time you take to freeze, unfreeze and then refreeze your credit is worth it and pales in comparison to the time you’d spend trying to reverse the damage done by someone opening a credit card or line of credit in your name.
Use monitoring services to keep an eye on your credit
Staying on top of what’s on your credit report is an easy way to make sure someone isn’t using your information nefariously. Some companies offer free credit monitoring to victims of a data breach, but oftentimes that’s only temporary. For example, T-Mobile is offering two years of McAfee’s ID Theft Protection Service for free to those affected by the latest breach. Take advantage of offers like this if your data is included in a breach, but once the limited-time offer expires, be ready to sign up for another service.
There are severalthat help you watch your credit report and using one could mean you will receive an alert and hopefully catch false accounts as soon as they happen.
Sign up for identity-theft monitoring
Monitoring your credit report is an important step to take; however, there’s so much more that can be done with your personal information. In addition to keeping an eye on your Social Security number and credit, anwill monitor the dark web for anyone selling or trading your personal information or arrests under your name. It should give you peace of mind if someone tries to do anything with your personal information.
Use a password manager to create and store logins
Using a unique and strong password for every online account you own is an easy way to make sure a breach of one service doesn’t lead to bad guys accessing more of your online accounts where you used the same password.
Instead of reusing a password — or a series of passwords —, store and autofill your login information.
Don’t wait to protect your personal data
The most important aspect of taking action after a hack or breach is announced is to not wait for the affected companies to announce how they want you to handle it. Be proactive. At the end of the day, it’s your information and your financial future that’s at stake.
After locking down your credit and starting monitoring services, begin to look at suggestions from the affected companies.
Some breaches lead to settlements, forcing the company to offer free services or settlements,.