Trump Mobile acknowledged exposing customers' personal data, including phone numbers and home addresses, through a third-party platform vulnerability. The company is currently evaluating notification requirements.
Trump Mobile confirmed a data exposure affecting its customer base after users discovered their personal information was publicly accessible online.
The breach included sensitive details such as phone numbers and home addresses. The company attributed the incident to a vulnerability in a third-party platform used in its operations.
In a statement, Trump Mobile said it is assessing whether customer notification is required under applicable regulations. The company has not yet disclosed the number of affected customers or the timeline of the exposure.
The discovery came after individuals began reporting that their information could be accessed without authorization. Trump Mobile acknowledged the exposure following these public findings rather than proactively disclosing the incident.
The company has not provided details about when the vulnerability was discovered, how long it remained active, or what steps it has taken to secure customer data going forward. It also did not specify which third-party platform was responsible or whether other customers of that service may be affected.
Data breaches involving personal information pose significant risks to consumers, including potential identity theft, fraud, and harassment. Regulatory bodies in multiple jurisdictions have established notification requirements when breaches expose sensitive customer data.
Trump Mobile operates as a mobile virtual network operator (MVNO) in the U.S. telecommunications market. The company's handling of this incident will likely face scrutiny regarding its security practices and transparency standards.
Further details about remediation efforts, customer notification timelines, and the scope of the exposure are expected as the company completes its evaluation.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.