
Lessons from T-Mobile’s $350M breach settlement


Just about one year ago, in August 2021, T-Mobile suffered a truly massive data breach, in which sensitive data on more than 50 million customers was exposed and offered for sale on the dark web. This included the names, addresses, Social Security numbers, driver's licenses, and ID information of about 48 million people.

Then, this past July 24, we learned that T-Mobile had filed a tentative settlement agreement to close out the multiple class-action suits filed on behalf of U.S. residents affected by the breach. In the settlement, the company offers to pay $350 million into a fund to be paid out to affected customers. In addition, they will be required to invest an additional $150M in cybersecurity between now and the end of 2023.

Total costs much higher

Of course, the total costs of the breach to T-Mobile are considerably higher. How many customers have switched to other providers as a direct result of this debacle? How much more are they having to spend to acquire each new customer?

There’s even a social-justice angle. One commentator, writing in Forbes, argues that, because T-Mobile’s business includes a disproportionate percentage of prepaid phone sales, the breach is especially damaging to Black and other disadvantaged communities. Talk about a PR nightmare!

The only bright spot is that following the announcement of the settlement, T-Mobile’s stock price got a nice bump, presumably because it put an end to the uncertainty that investors hate more than anything.

Lessons for the rest of us

The high-level lesson, of course, is that just about anything it takes to prevent having all your customers’ sensitive data breached is worth doing. Skimping on security can very well come back to bite you, hard. (T-Mobile denies having inadequate security in place, but the company has a bad history of getting hacked and losing data. There were two back-to-back breaches in 2020, and they lost more data in yet another breach later in 2021.)

The specific cause of this breach is a matter of some dispute, with some analysts concluding that the attackers used stolen credentials or phishing attacks to gain entry, while T-Mobile’s CEO claims that it was a “brute force” attack. But in a very important sense, it doesn’t really matter which technique or vector the attackers exploited in this particular case.

That is to say, it matters to T-Mobile — they definitely want to prioritize addressing whatever vulnerability made this breach possible. But to the rest of us the only thing that matters is making sure we are effectively securing ALL threat vectors and attack surfaces.

Securing all points of access

Most of us don’t store data on tens of millions of customers (wouldn’t that be nice!), but a major data breach can still have devastating consequences for any business. So it’s simply prudent to make sure that you have comprehensive security in place that is capable of detecting and blocking even the most sophisticated types of threat.

  • Email security — Phishing and other email-based techniques remain the most common means of initiating an attack that leads to a data breach. These techniques evade many traditional security strategies. To effectively protect this crucial attack surface, start by using Barracuda Email Threat Scan, a free service that checks your Microsoft 365 mailboxes for dormant and unnoticed malicious emails to provide visibility into the scale of your exposure. Then consider one of the three Barracuda Email Protection plans to get security that addresses every aspect of email security to stop cyber crooks at the first stage of an attack.
  • App and cloud security — As online apps and websites become more complex, expose more potentially vulnerable APIs, and increasingly rely on third-party scripts and libraries that are executed at the browser, hackers are finding new and ingenious ways to exploit novel vulnerabilities. At the same time, keeping cloud and hybrid networks secure and properly configured is becoming a lot more complex. Use the free services Barracuda Vulnerability Manager and Barracuda Cloud Assessment Manager to identify vulnerabilities and get advice about remediation. Then find out how Barracuda Cloud Application Protection delivers advanced, comprehensive web application and API protection (WAAP) to secure all your workloads in the cloud.
  • Network protection — Network-based attacks are on the rise, and preventing them from causing a data breach requires a multilayered approach to security. Barracuda Network Protection is a platform that brings together various state-of-the-art capabilities to deliver a true secure access service edge (SASE) architecture. Zero trust access ensures continuous, granular control over which devices and users access which digital assets far more effectively than multi-factor authentication. Secure SD-WAN hardens network security while also boosting overall performance and reducing costs. Barracuda Web Security adds a crucial layer of protection against web-based threats. And Barracuda Industrial Security protects vulnerable internet-connected devices and machinery deployed in the field.
  • Data protection — A modern backup system is a critical part of your overall security infrastructure, one that is too often overlooked. Barracuda Backup and Barracuda Cloud-to-Cloud Backup use advanced strategies to make sure that you always have rapid, granular access to complete, up-to-date backups of all your data, no matter where it is stored. This ensures that in the case of a successful ransomware attack, or a disaster, or (most commonly) accidental deletion of important data, you can recover in a matter of minutes or hours. And Barracuda Data Inspector monitors and scans your OneDrive and SharePoint files to detect many types of potentially sensitive, protected, and malicious data that’s improperly stored in vulnerable locations. You can run a free scan to see what’s there now.

Prevent breaches of any size

It’s unlikely that most organizations are vulnerable to a breach anywhere near as large as the one that T-Mobile is reeling from — or that they’ll have to shell out hundreds of millions of dollars in compensation. But how high does the cost have to be for you to make sure you’re using the most advanced preventive measures available?

Barracuda makes it very easy to schedule a demo or set up a free trial of all the platforms and solutions that I’ve described here. And that’s really the best way to get a first-hand impression of how powerful they are, and of how simple and intuitive they are to configure, use, and maintain.

Start by using our free scanners to get a sense of how vulnerable you may be to different types of threats. Then use that info to prioritize your security-improvement plans. And then schedule a free demo or trial to find out if Barracuda’s comprehensive security solutions are right for your team and your organization. Barracuda sales engineers are just a no-phone-trees call away, and one of them will be more than happy to help you navigate every step of the process.
