T-Mobile data breach shows API security can’t be ignored

Image: T-Mobile Logo. Article by Tim Keary. VentureBeat – January 20, 2023.

Enterprise security isn’t easy. Small oversights around systems and vulnerabilities can result in data breaches that impact millions of users. Unfortunately, one of the most common oversights is in the realm of APIs. Just yesterday, T-Mobile revealed that a threat actor stole the personal information of 37 million postpaid and prepaid customer accounts via an exposed API (which they exploited between November 25, 2022 and January 5, 2023). The vendor didn’t share how the hackers exploited the API. […]

Click here to view original web page at venturebeat.com