"T-Mobile Reportedly Suffers Another, Smaller Data Breach"

T-Mobile has reportedly suffered another data breach a few months after a huge breach in August. The new breach seems to have affected a smaller group of customers, and the total amount of customers affected is still unknown. The customers affected by the breach received notifications of "unauthorized activity" that consisted of hackers checking out customer proprietary network information (CPNI), pulling off a physical SIM swap, or both. An unapproved physical SIM swap enables an adversary to take over one's phone number and could allow the adversary to potentially gain access to accounts linked to the device if the adversary had the device password. CPNI includes all the data T-Mobile has about your phone calls, which, according to the carrier, means "features of your voice calling service (e.g., international calling), usage information (like call logs including date, time, phone numbers called, and duration of calls), and quantitative data like minutes used." CPNI doesn't contain any billing-related information, like names or addresses.

CNET reports: "T-Mobile Reportedly Suffers Another, Smaller Data Breach"