T-Mobile Denies Data Breach While Exposing Some Customer Data in a System Glitch

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

Mobile telecom company T-Mobile has denied claims of being breached a third time this year. The incident came to light when a threat actor going by the alias ‘emo’ posted the leaked data on BreachForums for free.

The 90GB of exfiltrated data posted on the hacking forum includes employee IDs, job titles, departments, rehire and termination dates, addresses, partial Social Security Numbers, email addresses, customer data, and other information.

However, T-Mobile has denied the claim, stating that the leaked data belongs to one of its authorized retailers. “[..] The data being referred to online is believed to be related to an independently owned authorized retailer from their incident earlier this year. T-Mobile employee data was not exposed,” the company revealed.

By titling the post “T-Mobile | Connectivity Source (one of T-Mobile’s authorized retailers),” the hacker connects the breach to both companies; the post, however, claims the stolen data belongs to T-Mobile.

The news was first shared by malware researchers VX-Underground, who in tweets on X (formerly Twitter) claim the exposure to be a result of T-Mobile’s April 2023 breach.

Over the years, the telecom giant has been breached several times. “This is T-Mobile’s 8th breach since 2018,” VX-Underground states.

In addition to the hacking incident of last week, T-Mobile also suffered a system malfunction that accidentally exposed personal information of its customers. The breach was noticed when some customers complained about the issue on Reddit and X.

The posts mentioned that upon logging into the company’s app, customers could view other customers’ personal information, including plan and financial details. Regarding the incident, the company disclosed that the leak was due to an overnight update and involved fewer than 100 customers’ information.

Both incidents involve either customer or employee information, which threat actors can use to commit financial fraud or to send targeted phishing emails or SMS messages.

Apple Issues Critical Security Patches for Actively Exploited Zero-Day Flaws

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

Just days after the release of emergency security updates to fix two zero-day vulnerabilities (exploited to deliver NSO Group’s Pegasus spyware), Apple urged users to update their devices with new security patches.

The iOS zero-day exploit chain was discovered by security researchers at Citizen Lab and Google’s Threat Analysis Group (TAG), while working with Egypt’s former Member of Parliament, Ahmed Eltantawy. The flaws, which can be found across Apple’s array of products, were actively being exploited by threat actors to target Eltantawy with Cytrox’s Predator spyware.

When the flaws were disclosed to Apple, it assigned the following CVEs to the three identified vulnerabilities:

  • CVE-2023-41991 – described as a “certificate validation issue”; an attacker can use a malicious app to exploit it and bypass signature validation. The Security Framework flaw was “actively exploited against versions of iOS before iOS 16.7,” revealed Apple.
  • CVE-2023-41992 – a kernel flaw, which was addressed with improved checks, that can be actively exploited by threat actors to escalate privileges.
  • CVE-2023-41993 – found in the WebKit browser engine, the flaw was addressed with improved checks. A hacker can exploit this flaw to carry out arbitrary code execution, meaning they can deploy malware on a victim’s device. “[..] this issue may have been actively exploited against versions of iOS before iOS 16.7,” the tech giant revealed.

On September 21, Apple issued patches to address these flaws in multiple products, including both older and newer models. The updates cover iPad mini 5th generation and later, watchOS 9.6.3 and 10.0.1, Mac devices running macOS Ventura 13.6 and Monterey 12.7, and iOS 16.7 and 17.0.1.

Known for identifying and investigating spyware targeting journalists, politicians, and activists, among others, Citizen Lab has urged all Apple owners to update their devices with the issued patches. Moreover, they’ve advised users to activate Lockdown Mode on their devices.

“[..] we believe, and Apple’s Security Engineering and Architecture team has confirmed to us, that Lockdown Mode blocks this particular attack.”