Image from

The T-Mobile data breach is scary because so much is unknown, but what little information is available tells us that the worst kind of personal data has been leaked for a lot of people. What’s more, it is difficult to know if your data was in the breach. But you do not need to panic.

You can gain piece of mind by taking a few safety measures that will be effective regardless of how bad this situation becomes.

What Do We Know So Far?

A quick review of the situation is as follows: T-Mobile suffered a massive breach but tried to keep it quite until it was revealed by an article from VICE. T-Mobile acknowledge the breach but the extent of it is not certain, the company has not been forthcoming with its information. However, it is estimated that millions of people’s data has been exposed and it is some of the worst kinds of personal information to lose. This data reportedly includes social security numbers, phone numbers, names, physical addresses, and driver license information.

There are many articles that will give you a litany of security measures that you can take (signing up for an account with the social security administration, changing the two-factor authentication on all of your accounts, etc.). But there are a couple of comparatively quick actions specific to this breach that you can take right now that will address the heart of the problem.

What To Do?

Secure your T-Mobile account, put a freeze on your credit (even if you don’t have an account with T-Mobile, you are in danger if you ever let them run a credit check on you), and then seek out good security education.

Right now would be a good time to get one of the many free password managers, but if you are not interested you can skip to the next paragraph. Bitwarden is widely considered the most convenient while still very secure. A password manager will automatically (no effort on your part) log your credentials whenever you log into an account and save them locally. This last part is important because it means that the company does not have its clients’ credentials in a central database and therefore if the company Bitwarden were breached, your credentials would still be safe. Finally, and most importantly for our purposes here, Bitwarden will suggest and save passwords that are random and unique. You will see why that is so important in a moment.

Your T-Mobile Account

You want to secure your T-Mobile account if you have one by changing your password and added in a passcode (or changing that too if you have one). Log into your T-Mobile account before a hacker can and change the password to something unique.

While you are logged into your account, take advantage of a special function in T-Mobile that lets you set up a unique passcode. If you want to reset your password in the future, you will need to passcode, so make sure you save it to your password manager. This simple act will prevent many of the most widespread scams, which often rely on people pretending to be you and trying to reset your password. But that is beyond the scope of this article.

Your Credit

Next, put a freeze on your credit. When someone steals your identity, you can eventually get your money and accounts back, but your credit can be irreparably damaged. A freeze on your credit will keep it safe and prevent hackers from opening new lines of credit in your name. Go to the three big credit agencies (Experian, Equifax, and TransUnion) and there is an option on each of their websites to freeze your credit. And of course, you could just call them too.

Your Education

The best measure you can take to stay safe is to obtain quality security education for you and your colleagues to be aware of the tactics that are out there. You should consider making your business networks more secure by reaching out to Cyber Security Crusaders for assessment services with actionable steps. Just go to to contact us or learn more.

Bonus Suggestion

If you feel like putting in a little extra effort, you can also change the password on any other accounts where you used that same password. If you don’t want to try to remember each of those accounts, you can just look up which of those other accounts (where you used the same password) were also exposed in data breaches. Find those accounts by searching your password on data breach websites like and The results will show any accounts that were exposed in a data breach that used that same password. Look in those results for your accounts and go change your password (preferably choose a unique password so you don’t have to do this step again if those sites get breached again).