I get to hang out with some very clever cryptographers at a bar about once a month. They make math-y jokes over my head, but demonstrate that best case is a stalemate where data is no longer significant before it’s encryption theme has become significantly penetrable.
T-Mobile announced an unauthorized capture of data. The updates paint a picture almost as disturbing as the loss itself in that they show either a misunderstanding or a ~careful wording to diminish verbal impact~, followed by better disclosure.
Here are a few that stood out for ~beer spit-take~ potential with the cryptography nerds;
“Because they weren’t [compromised]. They were encrypted.”
“may have included one or more of the following: name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid).”
“about” or “slightly less than” 3% of its 77 million customers.” …so about …2 million…
https://motherboard.vice.com/en_us/article/a3qpk5/t-mobile-hack-data-breach-api-customer-data
https://www.t-mobile.com/customers/6305378821
Being a T-Mobile service user scares me now. Hope i am not one of the affected user. There press release was comforting at first then they walked back on there word and all the confidence in their encryption process . Thanks for the heads up!