API Attacker Steals Data on 37 Million T-Mobile Customers

T-Mobile has admitted that tens of millions of customers have had their personal and account information accessed via APIs by malicious actors.

The US mobile carrier explained in an SEC filing yesterday that the attack began “on or about” November 25, 2022, but was not discovered until January 5, 2023.

The data compromised by the threat actor included information such as customer names, billing and email addresses, phone numbers, dates of birth, T-Mobile account numbers, account line count and plan features.

T-Mobile attempted to downplay the severity of the breach in a related statement, claiming that “nearly all” of the stolen information was “of the type widely available in marketing databases or directories.”

That is a bit off the mark, in that such a large amount of data provides a ready-made profile of each customer for fraudsters to use in subsequent phishing and identity fraud attempts.

“Passwords, payment card information, social security numbers, government ID numbers, or other financial account information were not compromised,” T-Mobile added in a statement.

“Our systems and policies have prevented access to the most sensitive types of customer information. As a result, customer accounts and finances should not be directly endangered by this event. There is also no evidence that any person has penetrated or compromised T-Mobile’s network or systems.”

It’s unclear what kind of API flaw the attackers exploited or why it took the carrier nearly a month and a half to detect the breach.

Wallarm CEO and co-founder Ivan Novikov argued that organizations should regularly review and update their security systems, policies and capabilities, and develop incident response plans.

“As organizations continue to accelerate their digital transformation efforts and leverage more and more APIs, it is critical that they have the right tools and expertise to protect sensitive data,” he added.

“Unauthorized access through a single API can lead to a major data breach.”

Editorial Credit Icon Image: nikkimeel / Shutterstock.com
