Free WiFi sounds great, but unsecured WiFi is truly a great threat.
On Friday, August, 24, According to Motherboard, T-Mobile updated their statement to say that encrypted passwords of 2 million of their customers were in fact stolen, as MyProfyle suggested was a real possibility. Further analysis by independent security experts suggest that the encryption is vulnerable to hackers.
2 Million T-Mobile Customers Exposed
This past Monday (August 20) T-Mobile announced they had uncovered the unauthorized access of about 3%, or 2 million, of its 77 million customers. Three years ago, in 2015, 15 million of T-Mobile’s customers were affected by a data breach of Experian, one of the credit bureaus that the mobile carrier uses to evaluate new account applications.
Google chrome browser now tells you a website is “not secure” if it is HTTP instead of HTTPS (S for secure). Even when using public WiFi, you are much safer on HTTPS websites. The problem is, you don’t get to choose if the website you want to visit is HTTPS. You can, of course, decide to heed the Google warning and leave immediately and return when you can do so safely.
Mixed Message May Confuse Consumers
According to T-Mobile account passwords were not compromised but perhaps recognizing their vulnerability given that name, email, account number and other information was exposed, they recommend account holders change their password. To MyProfyle, that seems like a mixed message. If the passwords were not exposed, why change them? If they are vulnerable, changing them will not likely do any good. It’s quite possible that the passwords were compromised and you should change your password on any site where you also used that same password.
Take Action Now
MyProfyle recommends an additional course of action. Customers have been instructed to contact T-Mobile customer service with questions and for additional support. MyProfyle recommends that you ask T-Mobile to change your account number (if that is different from your phone number) in order to make accessing your account more difficult and to place a password and additional security measures on your account. It’s simply too easy to convince a front-line customer service representative to reset your password or take other steps that make you vulnerable. Remember, a cellular phone is basically a credit with an antenna. Don’t get burned by this data breach.
At MyProfyle, we believe this threat is further proof that everyone’s information is at risk from many different sources and that we are all exposed multiple times per year. The solution to identity fraud is not to try to lock your identity or seek unobtainable privacy but to control your identity – not just your credit – by putting yourself in the position know of, approve or decline activity conducted in your name. That’s MyProfyle Free For Life ™ Identity Protection.