Help T-mobile massive data breach. Is MetroPCS included?

[AppleUser]

A few days ago t-mobile announced a massive data breach. See links below. Some websites indicate MetroPCS is NOT included, but others assert Metro is indeed included.

What's the truth? What will you Metro customers do about this?

https://www.cnet.com/tech/services-...ways-to-secure-your-data-after-a-cyberattack/

https://www.t-mobile.com/brand/data-breach-2021/next-steps

https://www.cnet.com/tech/services-...ways-to-secure-your-data-after-a-cyberattack/

 

[svim]

Yeah so T-Mobile got hacked but this is just another one of countless other 'massive breaches'. It's worth a news-cycle or two, and then after all the FUD and induced panic fades, another hack of a different corporation will be revealed. Big Tech loves to hoard our personal data, and Big Tech can get away with it because we have the finest Congress money can buy.
Most people have already forgotten about the Equifax hacking debacle just a few years ago -- that dwarfed the T-Mobile breach and allowed much, much more personal data to get posted into the Dark Web. And Equifax is still thriving and still allowed to data mine the public.

 

[AppleUser]

Okay, but those two questions remain unanswered.

 

[svim]

Well specifically T-Mobile did not announce its hacking incident, it was actually a matter of third-party sources making their findings public. Initially T-Mobile then went into denial mode, then after more and more research and sleuthing was done (again by third-party analysts and news media) T-Mobile finally admitted a breach had indeed occurred. But it also lied about its scaled and number of people affected, only recently now coming clean (relatively) about the whole debacle. The point being, this is just another, typical scenario. There's a public revelation about some issue, the targeted company may or may not live up to it even when there's documented evidence, and then the next news cycle just comes along. We, the public, get screwed and they just keep accumulating more money. So don't hold your breath waiting to find out if MetroPCS is or isn't involved, the odds aren't very good there is going to be a definitive answer being made public at this point.
If anything be sure to log into your MetroPCS account and change your password and/or passcode now. No sense waiting for an announcement, be proactive about accessing your account. And at a deeper level, freeze your credit reports:
https://www.nytimes.com/wirecutter/money/how-to-freeze-credit-reports/
This is something you should do anyway, no matter if your carrier has or hasn't been sloppy with its own security practices. A major aspect to T-Mobile's screw up was all the personal data they retained and how loosely secure it was archived -- things like people's credit history might be needed when they apply for an account but there is no viable reason when T-Mobile needed to keep all that info afterwards.

 

[AppleUser]

Are the accounts held by MetroPCS included in this breach?

Is changing one's pin code and/or security questions sufficient?

Should one cancel the used credit card and get a new number ?

 

[svim]

Well changing your account's authentication info is going to at least keep anyone accessing and using the leaked data to log into your account won't work. But that's a big part of the problem, all that personal data T-Mobile had retained and didn't secure properly. The leaked data is likely to be out somewhere in the Dark Web and accessible to the public.
Of course that's also basically conspiracy theory as far as MetroPCS being a part of the T-Mobile hack. There's no evidence it was, they're two different companies with the link only being one owns the other. I previously suggested that you reset your password not because I actually thought MetroPCS was included in this latest debacle, but more for you to have peace of mind so it's up to you just how fixated you want to be about this. At this point there are no valid postings floating around online about MetroPCS being involved. Or if so, please post it.

 

[SalemKring]

lied about its scaled and number of people affected, only recently now coming clean (relatively) about the whole debacle.