T-Mobile Company CyberSecurity Posture

t-mobile.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

As the supercharged Un-carrier, T-Mobile US, Inc. (NASDAQ: TMUS) is powered by an award-winning 5G network that connects more people, in more places, than ever before. With T-Mobile’s unique value proposition of best network, best value, and best experiences, the Un-carrier is redefining connectivity and fueling competition while continuing to drive the next wave of innovation in wireless and beyond. Headquartered in Bellevue, Wash., T-Mobile provides services through its subsidiaries and operates its flagship brands, T-Mobile, Metro by T-Mobile, and Mint Mobile.

T-Mobile A.I CyberSecurity Scoring

T-Mobile

Company Details

Linkedin ID:

t-mobile

Website:

https://t-mobile.com

Employees number:

95,676

Number of followers:

637,479

NAICS:

517

Industry Type:

Telecommunications

Homepage:

t-mobile.com

IP Addresses:

899

Company ID:

T-M_9421933

Scan Status:

In-progress

AI scoreT-Mobile Risk Score (AI oriented)

Between 550 and 599

https://images.rankiteo.com/companyimages/t-mobile.jpeg
T-Mobile Telecommunications
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreT-Mobile Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/t-mobile.jpeg
T-Mobile Telecommunications
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

T-Mobile

Very Poor
Current Score
571
Ca (Very Poor)
01000
21 incidents
-37.5 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

JANUARY 2026
575
DECEMBER 2025
571
NOVEMBER 2025
569
OCTOBER 2025
593
Breach
14 Oct 2025 • T-Mobile
Unencrypted Satellite Communications Interception by Academic Researchers

A research team from UC San Diego and the University of Maryland intercepted unencrypted satellite communications, exposing critical vulnerabilities in T-Mobile’s backhaul systems. Over a nine-hour session, they accessed **phone numbers, call logs, and text messages of over 2,700 users** via T-Mobile’s satellite links. While the interception was one-sided (only incoming data to users was exposed, not outgoing), the breach revealed systemic failures in encryption protocols. The researchers used **off-the-shelf equipment costing under $600** to exploit this flaw, demonstrating how easily malicious actors could replicate the attack. T-Mobile was notified and later implemented encryption, but the incident highlights the risks of unsecured satellite-based cellular infrastructure, where **location data, communication metadata, and potentially sensitive user interactions** were left exposed to passive eavesdropping. The breach underscores the broader industry neglect of satellite security, with implications for both consumer privacy and national security, given that military and law enforcement communications were similarly vulnerable in the study.

561
critical -32
T-M5362753101525
Incident Details -
Type
Data Interception Unauthorized Access Privacy Violation Infrastructure Vulnerability
Attack Vector
Passive Eavesdropping Unencrypted Satellite Transmissions Lack of Signal Encryption
Vulnerability Exploited
Unencrypted Satellite Backhaul Lack of Signal Authentication Over-the-Air Broadcast Without Protection
Motivation
Academic Research Security Awareness Vulnerability Disclosure
Impact
T-Mobile user call/text metadata (2,700+ users) In-flight Wi-Fi communications Utility infrastructure comms (oil rigs, electricity providers) US military sea vessel names/locations Mexican military/law enforcement intelligence (narcotics tracking, asset maintenance, mission details) Military/law enforcement personnel/equipment/facility locations T-Mobile satellite backhaul In-flight Wi-Fi systems Utility infrastructure satellite comms (oil rigs, electricity providers) US military sea vessel communications Mexican military/law enforcement satellite networks Exposure of sensitive military/law enforcement operations Risk to critical infrastructure (oil rigs, electricity grids) Potential compromise of personnel safety Potential erosion of trust in satellite communication providers Negative publicity for T-Mobile, affected utilities, and military agencies Potential wiretapping violations (investigated but not prosecuted) Regulatory scrutiny for affected entities Low (metadata-only for T-Mobile users) High for military/law enforcement personnel (location/mission details exposed)
Response
Partial (by some affected entities post-notification) Academic researchers (UC San Diego, University of Maryland) Encryption implemented by T-Mobile, Walmart, KPU post-disclosure Notification to affected entities Public disclosure to raise awareness Media interviews (Wired) Academic paper publication
Data Breach
Call/text metadata (phone numbers, timestamps) Military/law enforcement operational data (locations, mission details) Utility infrastructure communications Vessel/asset maintenance records 2,700+ (T-Mobile users) Unknown (military/utility data) High (military/law enforcement) Medium (utility infrastructure) Low (T-Mobile metadata) Data Exfiltration: Passive interception (no active exfiltration) Data Encryption: None (unencrypted transmissions) Voice call metadata Text message metadata Operational logs Maintenance records Location data Phone numbers (T-Mobile users) Military/law enforcement personnel locations
Regulatory Compliance
Potential violations of wiretapping laws (investigated but not prosecuted) Sector-specific encryption requirements (e.g., defense, telecommunications) Informal notifications by researchers to affected entities
Lessons Learned
Widespread assumption of 'security through obscurity' in satellite communications is flawed. Critical infrastructure and military systems rely on unencrypted satellite links, creating systemic risk. Low-cost equipment can intercept high-value data, lowering the barrier for adversaries. Passive interception of broadcast signals may not violate laws, highlighting gaps in regulatory frameworks.
Recommendations
Mandate encryption for all satellite communications, especially for critical infrastructure and defense. Implement signal authentication and access controls for satellite transmissions. Conduct regular audits of satellite security protocols by third-party assessors. Raise awareness among satellite operators about the risks of unencrypted broadcasts. Develop international standards for secure satellite communications.
Investigation Status
['Completed (academic study); partial remediation by notified entities']
Stakeholder Advisories
Researchers notified affected companies/agencies; some implemented encryption
Post Incident Analysis
Lack of encryption in satellite backhaul systems Over-reliance on 'security through obscurity' (assumption that signals wouldn’t be intercepted) Absence of regulatory enforcement for satellite security standards Low awareness of interception risks among satellite operators T-Mobile, Walmart, and KPU implemented encryption post-disclosure. Public disclosure to pressure other operators into securing transmissions. Academic outreach to satellite industry stakeholders.
References
Blog URL Source URL
SEPTEMBER 2025
591
AUGUST 2025
586
JULY 2025
581
JUNE 2025
616
Breach
16 Jun 2025 • T-Mobile: Hackers claim 64 million leaked T-Mobile records, but it denies breach - here's what customers need to know
Alleged T-Mobile Data Breach: 64 Million Records Leaked on Dark Web

**Hacker Claims Massive T-Mobile Data Breach, Company Denies Involvement** An unnamed hacker recently posted on a dark web forum, alleging the theft of 64 million records containing sensitive customer data purportedly linked to T-Mobile. The leaked database, reportedly obtained as early as June 1, 2025, includes full names, dates of birth, tax IDs, postal and email addresses, phone numbers, device IDs, cookie IDs, and IP addresses. T-Mobile swiftly denied any connection to the breach, stating that the data "does not relate to T-Mobile or our customers." Cybersecurity researchers at *Cybernews* analyzed the sample but could not verify its authenticity, noting that while some phone numbers matched past T-Mobile breaches, the full dataset’s legitimacy remains unconfirmed. The 64 million "lines" may not equate to 64 million unique individuals. If legitimate, the exposed data could fuel targeted phishing attacks, identity theft, and fraud. This incident follows a pattern: last year, threat actor IntelBroker claimed to have breached T-Mobile, stealing source code and other internal files—claims the company also dismissed. As of now, the origin and validity of the leaked data remain disputed.

573
critical -43
T-M1767599480
Incident Details -
Type
Data Breach
Attack Vector
Unknown
Motivation
Financial gain, identity theft, phishing attacks
Impact
Data Compromised: 64 million records allegedly containing PII Brand Reputation Impact: Potential negative impact due to false claims and media coverage Identity Theft Risk: High
Response
Communication Strategy: Public denial of breach and data connection
Data Breach
Full names Dates of birth Tax IDs Postal addresses Phone numbers Email addresses Device IDs Cookie IDs IP addresses Number Of Records Exposed: 64 million (alleged) Sensitivity Of Data: High Data Exfiltration: Alleged Personally Identifiable Information: Yes
Investigation Status
['Ongoing (authenticity unverified)']
Initial Access Broker
Data Sold On Dark Web: Alleged
References
Blog URL Source URL
MAY 2025
612
APRIL 2025
608
MARCH 2025
603
FEBRUARY 2025
599
DECEMBER 2024
615
Breach
01 Dec 2024 • T-Mobile
Hacking Attempt on T-Mobile's Routing Infrastructure

T-Mobile, a major telecom service provider with contracts across various divisions of the US Department of Defense, including the Army, Air Force, and Navy, encountered attempts of hacking activity through its routing infrastructure. Although the company has not confirmed that the attack was the Salt Typhoon espionage campaign, it identified and mitigated the intrusion attempts. Despite this, vulnerabilities remain in the telecom infrastructure. Senators are urging the DOD to renegotiate contracts to strengthen cybersecurity defenses, pointing out the risks of surveillance and potential espionage.

585
critical -30
T-M000120524
Incident Details -
Type
Hacking Attempt
Attack Vector
Routing Infrastructure
Motivation
Surveillance Espionage
Impact
Systems Affected: Routing Infrastructure
Response
Containment Measures: Identified and mitigated intrusion attempts
Recommendations
Senators are urging the DOD to renegotiate contracts to strengthen cybersecurity defenses
References
Blog URL Source URL
JUNE 2023
555
Data Leak
16 Jun 2023 • T-Mobile
T-Mobile Data Breach of 2023

T-Mobile experienced its second data breach of 2023; 100 of consumers' personal information was exposed to threat actors. The security incident only affected 836 customers, which is a small number. Personal bank account information and call history, according to the carrier, were unaffected by the security lapse. Each customer's information was collected differently, but it could have included their full name, contact information, account number and related phone numbers, T-Mobile account PIN, social security number, government-issued ID, date of birth, balance due, and internal T-Mobile service account servicer codes, as well as the number of lines. They can get free credit monitoring and identity theft detection services from T-Mobile for two years.

524
critical -31
TMO11721023
Incident Details -
Type
Data Breach
Impact
full name contact information account number and related phone numbers T-Mobile account PIN social security number government-issued ID date of birth balance due internal T-Mobile service account servicer codes number of lines
Data Breach
personal information high full name contact information social security number government-issued ID date of birth
References
Blog URL Source URL
FEBRUARY 2023
561
Breach
01 Feb 2023 • T-Mobile
T-Mobile Data Breach

Threat actors gained access to the private data of 100 of customers of T-Mobile beginning in late February 2023 as a result of the second data breach of 2023. Only 836 clients, in total, were affected by the security compromise. The company claims that the security breach had no impact on call history or information from personal bank accounts. Depending on the customer, different information was obtained, but it could have included the following: full name, contact information, account number and related phone numbers, T-Mobile account PIN, social security number, government-issued ID, date of birth, balance owing, internal codes used by T-Mobile to service customer accounts (such as rate plan and feature codes), and the number of lines.

530
critical -31
TMO05529523
Incident Details -
Type
Data Breach
Impact
full name contact information account number and related phone numbers T-Mobile account PIN social security number government-issued ID date of birth balance owing internal codes used by T-Mobile to service customer accounts number of lines
Data Breach
full name contact information account number and related phone numbers T-Mobile account PIN social security number government-issued ID date of birth balance owing internal codes used by T-Mobile to service customer accounts number of lines
References
Blog URL Source URL
JANUARY 2023
598
Breach
01 Jan 2023 • T-Mobile
T-Mobile Data Breach

T-Mobile suffered another breach incident that affected around 37 million customers. The stolen data included addresses, phone numbers, and dates of birth. The carrier has no evidence (at least so far) that any passwords, pins, bank account, credit card information, or Social Security numbers.

556
high -42
TMO215721123
Incident Details -
Type
Data Breach
Impact
addresses phone numbers dates of birth
Data Breach
addresses phone numbers dates of birth Number Of Records Exposed: 37 million addresses phone numbers dates of birth
References
Blog URL Source URL
NOVEMBER 2022
630
Breach
25 Nov 2022 • T-Mobile USA
T-Mobile USA Data Breach

The Washington State Office of the Attorney General reported that T-Mobile USA experienced an unauthorized access data breach affecting 772,593 individuals. The breach occurred between November 25, 2022, and January 5, 2023, potentially exposing customer names, full dates of birth, and other account information, but not passwords, payment methods, or Social Security numbers.

592
critical -38
T-M510072825
Incident Details -
Type
Data Breach
Attack Vector
Unauthorized Access
Impact
Customer names Full dates of birth Other account information
Data Breach
Customer names Full dates of birth Other account information
References
Blog URL Source URL
AUGUST 2022
626
Cyber Attack
01 Aug 2022 • T-Mobile
T-Mobile Data Breach

T-mobile company suffered a significant data breach in a cyber attack in August 2022. A former owner of a T-Mobile retail store in Eagle Rock was guilty of 14 federal criminal charges related to his $25 million scheme to enrich himself by stealing T-Mobile employee credentials and unlawfully accessing the company's internal computer systems to illicitly "unlock" and "unblock" cellphones. Around 25 million customers' data was compromised in the attack.

614
critical -12
TMO1148161122
Incident Details -
Type
Data Breach
Attack Vector
Credential Theft
Vulnerability Exploited
Stolen Employee Credentials
Motivation
Financial Gain
Impact
Data Compromised: Customer data Systems Affected: Internal computer systems Legal Liabilities: 14 federal criminal charges
Data Breach
Type Of Data Compromised: Customer data Number Of Records Exposed: 25 million
Regulatory Compliance
Legal Actions: 14 federal criminal charges
Initial Access Broker
Entry Point: Stolen Employee Credentials
Post Incident Analysis
Root Causes: Stolen Employee Credentials
References
Blog URL Source URL
APRIL 2022
619
Cyber Attack
01 Apr 2022 • T-Mobile
Ongoing Phishing Campaign Targeting T-Mobile Customers

T-Mobile customers are being targeted by ongoing phishing campaign. The hackers are using malicious links with unblockable texts sent via SMS (Short Message Service) group messages. The attacker are using the data breached form the company in the past. The NJCCIC warned the customers to be alerted of any suspicious activity.

610
critical -9
TMO102316422
Incident Details -
Type
Phishing Campaign
Attack Vector
SMS Phishing
Vulnerability Exploited
Past Data Breach
Motivation
Data Theft
Customer Advisories
NJCCIC warned customers to be alerted of any suspicious activity.
Initial Access Broker
Entry Point: SMS Phishing
References
Blog URL Source URL
DECEMBER 2021
644
Breach
01 Dec 2021 • T-Mobile
T-Mobile Data Breach

T-mobile company suffered a significant data breach in a cyber attack in December 2021. The customers fell prey to the attacker and suffered SIM swapping attacks and exposed personal information like personal plan information, billing account name, phone and account number, and others. Around 50 million customers' data was compromised in the breach.

602
critical -42
TMO154319322
Incident Details -
Type
Data Breach
Attack Vector
SIM Swapping
Impact
personal plan information billing account name phone and account number
Data Breach
personal plan information billing account name phone and account number Number Of Records Exposed: 50 million
References
Blog URL Source URL
AUGUST 2021
672
Breach
01 Aug 2021 • T-Mobile
T-Mobile Data Breach

In August 2021, T-Mobile experienced a significant cybersecurity breach, resulting in the theft of data from about 50 million existing and potential customers. The information compromised included customer addresses, drivers' licenses, and social security numbers. This breach was orchestrated by a 21-year-old who claimed to have accessed approximately 106GB of T-Mobile's data. The exposure of such sensitive personal information potentially puts millions of individuals at risk of identity theft and fraud, raising serious privacy and security concerns.

629
critical -43
T-M416050724
Incident Details -
Type
Data Breach
Impact
customer addresses drivers' licenses social security numbers Identity Theft Risk: High
Data Breach
customer addresses drivers' licenses social security numbers Number Of Records Exposed: 50 million Sensitivity Of Data: High Data Exfiltration: 106GB Personally Identifiable Information: Yes
References
Blog URL Source URL
JULY 2021
701
Breach
22 Jul 2021 • T-Mobile USA, Inc.
T-Mobile USA Data Breach

The California Office of the Attorney General reported on August 25, 2021, that T-Mobile USA experienced a data breach on July 22, 2021, involving the unauthorized access of personal customer information. The breach potentially affected data such as names, drivers’ licenses, Social Security numbers, and dates of birth among others, although the specific number of individuals impacted is unknown.

671
critical -30
T-M228072925
Incident Details -
Type
Data Breach
Impact
names drivers’ licenses Social Security numbers dates of birth
Data Breach
names drivers’ licenses Social Security numbers dates of birth Sensitivity Of Data: High
References
Blog URL Source URL
JUNE 2021
729
Breach
16 Jun 2021 • T-Mobile
FCC Upholds New Data Breach Reporting Rules for Telecom Companies After Court Challenge

T-Mobile faced a series of high-profile data breaches dating back to 2021, resulting in the unauthorized exposure of **customers’ personally identifiable information (PII)**, including Social Security numbers, email addresses, and other sensitive data. The breaches violated the FCC’s updated 2024 regulations, which mandate reporting incidents involving **500+ customers’ PII within seven business days**. The company was penalized with a **$31.5 million fine** and forced to overhaul its cybersecurity practices as part of a settlement with the FCC. The breaches compromised **customer trust**, exposed critical personal data to potential misuse (e.g., identity theft, fraud), and highlighted systemic vulnerabilities in T-Mobile’s data protection frameworks. The FCC’s enforcement underscored the severity of failing to safeguard PII, particularly under stricter regulatory scrutiny. The incident aligns with broader industry trends where telecom providers face escalating legal and financial repercussions for inadequate breach responses.

698
critical -31
T-M733081425
Incident Details -
Type
Regulatory Update Legal Challenge Data Breach Reporting Policy
Motivation
Industry Pushback Against Regulation Compliance Cost Concerns
Impact
Increased Compliance Burden for Telecom Companies Mandatory 7-Day Breach Reporting for PII (500+ customers) Potential Trust Erosion Due to Mandatory Disclosures Enhanced Transparency for Customers FCC Fines for Non-Compliance (e.g., T-Mobile: $31.5M, AT&T: $13.3M, TracFone: $16M) Expanded Reporting for SSNs, Email Addresses (Previously Limited to CPNI like Call Records)
Response
Legal Representation for Industry Groups (Petitioners) FCC Public Statements Court Opinion Publication Mandated for Telecom Companies Under New Rules
Data Breach
Customer Proprietary Network Information (CPNI) Personally Identifiable Information (PII): SSNs, Email Addresses Threshold: 500+ Customers (Reporting Requirement) High (SSNs, PII) Social Security Numbers Email Addresses Call Records Billing Information
Regulatory Compliance
Pre-2024 FCC Breach Reporting Rules (Outdated for 16 Years) T-Mobile: $31.5M (2021+ Incidents) AT&T: $13.3M (Cloud Vendor Breach) TracFone: $16M (Customer Data Safeguard Failures) Industry Petition to Block 2024 Rules (Rejected 2-1 by Sixth Circuit Court of Appeals) Congressional Review Act Challenge (Dismissed) 7-Business-Day Reporting Deadline for Breaches Affecting 500+ Customers
Lessons Learned
Regulatory Agencies Can Expand Authority to Address Evolving Threats (e.g., PII vs. CPNI) Industry Resistance to Compliance Costs May Fail in Court if Public Interest (e.g., Consumer Protection) is Demonstrated Proactive Cybersecurity Investments Can Mitigate Fines (e.g., T-Mobile's Overhaul Post-Settlement)
Recommendations
Telecom Companies Should Audit PII Storage/Access to Comply with Expanded Reporting Rules Implement Automated Breach Detection to Meet 7-Day Deadline Enhance Third-Party Vendor Security (e.g., AT&T's Cloud Vendor Breach) Monitor Dark Web for Exfiltrated PII to Preempt Regulatory Action
Investigation Status
Completed (Court Ruling Issued)
Customer Advisories
Consumers May Receive More Breach Notifications Due to Expanded PII Definition FCC Encourages Customers to Monitor Credit Reports for Signs of Identity Theft
Stakeholder Advisories
Telecom Companies Must Update Incident Response Plans to Include 7-Day PII Breach Reporting Legal Teams Should Review Congressional Review Act Implications for Future Challenges
Post Incident Analysis
Outdated Regulatory Framework (16 Years Without Updates) Industry Lobbying Against Stricter Oversight Inadequate Third-Party Risk Management (e.g., AT&T's Cloud Vendor Breach) FCC's Rulemodernization to Include PII (Beyond CPNI) Mandatory Timely Disclosure to Reduce Consumer Harm Financial Penalties to Incentivize Compliance (e.g., T-Mobile's $31.5M Settlement)
References
Blog URL Source URL
MARCH 2020
723
Breach
01 Mar 2020 • T-Mobile
T-Mobile Data Breach via Email Vendor Hack

T-Mobile suffered a data breach caused after an email vendor was hacked in an incident that exposed the personal and financial information of some of its customers. Some of the compromised email accounts contained T-Mobile customer information such as social security numbers, financial information, government ID numbers, billing information, and rate plans. T-Mobile notified the affected customers affected by sending text messages and identified and shut down a security event involving account information. T-Mobile also offered a free two-year subscription to my true identity online credit monitoring service for those whose financial information was exposed.

692
critical -31
TMO15334722
Incident Details -
Type
Data Breach
Attack Vector
Email Vendor Hack
Impact
social security numbers financial information government ID numbers billing information rate plans
Response
Containment Measures: Identified and shut down a security event involving account information Communication Strategy: Notified affected customers by sending text messages
Data Breach
social security numbers financial information government ID numbers billing information rate plans Sensitivity Of Data: High social security numbers government ID numbers
Customer Advisories
Offered a free two-year subscription to my true identity online credit monitoring service for those whose financial information was exposed
Initial Access Broker
Entry Point: Email Vendor
References
Blog URL Source URL
NOVEMBER 2019
745
Breach
01 Nov 2019 • T-Mobile
T-Mobile Prepaid Account Data Breach

The account information of an undisclosed number of customers of T-mobiles was breached by an unauthorized third-party. The accessed data included name and billing address, phone number, account number, rate plan and features, such as whether you added an international calling feature all related to prepaid service account. T-mobile alerted all impacted customers via SMS notifications and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account.

714
critical -31
TMO0241722
Incident Details -
Type
Data Breach
Attack Vector
Unauthorized Access
Impact
Name Billing Address Phone Number Account Number Rate Plan and Features
Response
Containment Measures: Shut down malicious, unauthorized access Communication Strategy: Alerted impacted customers via SMS notifications
Data Breach
Personally Identifiable Information Account Information Name Billing Address Phone Number
Customer Advisories
Alerted impacted customers via SMS notifications
References
Blog URL Source URL
AUGUST 2018
745
Breach
01 Aug 2018 • T-Mobile
T-Mobile USA Data Breach

T-Mobile USA suffered a data breach incident after its cyber-security team discovered unauthorized access to its customers' data. An attacker exfiltrated personal data such as customer names, billing ZIP codes, phone numbers, email addresses, account numbers, and account types (prepaid or postpaid). However, he did not gain access to passwords, social security numbers, or any financial information. T-mobile notified that 3% of its customers were affected by the attack.

714
high -31
TMO15303722
Incident Details -
Type
Data Breach
Impact
customer names billing ZIP codes phone numbers email addresses account numbers account types
Data Breach
customer names billing ZIP codes phone numbers email addresses account numbers account types
References
Blog URL Source URL
JUNE 2018
773
Breach
16 Jun 2018 • T-Mobile
None

T-Mobile suffered a **massive data breach** in August 2023, exposing the personal information of **37 million customers**, including names, billing addresses, emails, phone numbers, dates of birth, and account details. The breach originated from a malicious actor exploiting an API vulnerability, gaining unauthorized access to customer data over a month-long period. While T-Mobile confirmed no financial data (e.g., credit cards, SSNs) or passwords were stolen, the exposed information heightened risks of **phishing, SIM-swapping, and identity fraud**. The incident marked the **ninth major breach** for T-Mobile since 2018, raising concerns over its cybersecurity practices. Regulators and customers criticized the company’s failure to prevent recurring attacks, despite prior settlements and promises to bolster security. The breach’s scale and the sensitivity of leaked data—though not financial—posed **significant reputational damage** and operational disruptions, including customer churn and potential lawsuits.

742
critical -31
T-M2604326110525
Incident Details -
References
Blog URL Source URL
FEBRUARY 2018
769
Vulnerability
01 Feb 2018 • T-Mobile
T-Mobile Data Breach and Account Hijacking

There was a vulnerability found. T-Mobile classified it as “critical,” patched the bug and gave the researcher a $5,000 reward. Hackers accessed customers’ sensitive information such as email addresses, billing account numbers, and their IMSI, the phone’s standardized unique number that identifies subscribers. They also hijacked their phone numbers and tried stealing money from their banking accounts linked to those numbers.

767
critical -2
TMO18348622
Incident Details -
Type
Data Breach, Account Hijacking
Attack Vector
Exploitation of Vulnerability
Vulnerability Exploited
Critical vulnerability
Motivation
Financial Gain
Impact
email addresses billing account numbers IMSI
Data Breach
email addresses billing account numbers IMSI Sensitivity Of Data: High
References
Blog URL Source URL
DECEMBER 2017
805
Data Leak
01 Dec 2017 • T-Mobile
Cybercriminal Hacks Multiple Businesses to Sell Customer Data on Dark Web

A cybercriminal has admitted to hacking businesses like Uber, Sainsbury's, and Groupon to sell customers' personal information on the dark web. The other targets included Nectar, T-Mobile, Asda, Ladbrokes, Coral, and Argos. The data comprised all the information required to complete an online purchase and was then promoted and sold to clients through his dark website. The firm is thought to have lost more than £200,000 due to the theft, although no financial data was collected. West pleaded guilty to two counts of conspiring to defraud, one count of hacking a computer, four counts of possessing and supplying marijuana, two counts of having criminal property, and one crime of money laundering Bitcoins. The leaked data is related to a security breach on a third-party vendor.

767
critical -38
TMO20024323
Incident Details -
Type
Data Breach
Attack Vector
Hacking
Vulnerability Exploited
Security breach on a third-party vendor
Motivation
Financial Gain
Impact
Financial Loss: More than £200,000 Data Compromised: Customers' personal information
Data Breach
Type Of Data Compromised: Personal information required to complete an online purchase
Initial Access Broker
Data Sold On Dark Web: Yes
References
Blog URL Source URL
SEPTEMBER 2015
815
Breach
14 Sep 2015 • T-Mobile USA, Inc.
T-Mobile USA Data Breach

The California Office of the Attorney General reported on October 1, 2015, that T-Mobile USA, Inc. experienced a data breach on September 14, 2015, involving unauthorized access to Experian servers. The breach potentially exposed personal information of customers, including names, addresses, social security numbers, and dates of birth, but no banking or payment information was compromised.

785
critical -30
T-M759072725
Incident Details -
Type
Data Breach
Attack Vector
Unauthorized Access
Impact
Names Addresses Social Security Numbers Dates of Birth
Data Breach
Personal Information Sensitivity Of Data: High Names Addresses Social Security Numbers Dates of Birth
References
Blog URL Source URL
NOVEMBER 2013
833
Breach
01 Nov 2013 • T-Mobile USA, Inc.
T-Mobile US Data Breach

The California Office of the Attorney General reported a data breach involving T-Mobile US on December 30, 2013. The breach involved unauthorized access to a file stored on servers managed by a T-Mobile supplier, potentially exposing personal information such as names, addresses, Social Security numbers, and/or Driver’s License numbers. The date of the breach discovery was in late November 2013.

805
critical -28
T-M416072525
Incident Details -
Type
Data Breach
Impact
names addresses Social Security numbers Driver’s License numbers
Data Breach
names addresses Social Security numbers Driver’s License numbers
References
Blog URL Source URL

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for T-Mobile is 571, which corresponds to a Very Poor rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for December 2025 was 571.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 569.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 593.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 591.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 586.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 581.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 616.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 612.

According to Rankiteo, the A.I. Rankiteo Cyber Score for April 2025 was 608.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2025 was 603.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2025 was 599.

Over the past 12 months, the average per-incident point impact on T-Mobile’s A.I Rankiteo Cyber Score has been -37.5 points.

You can access T-Mobile’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/t-mobile.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view T-Mobile’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/t-mobile.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.