// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / Trump Mobile
Breach Record

Trump Mobile

DISCLOSED 2026-05-22 · MISCONFIG

Trump Mobile confirmed on May 22, 2026 that customer names, email addresses, mailing addresses, cell phone numbers, and order identifiers were exposed to the open internet due to a third-party platform misconfiguration. The exposure was first reported by TechCrunch two days earlier. No ransomware or endpoint compromise was involved.

The record

What we know

Disclosed
2026-05-22
Attack vector
Misconfig
Sector
telecommunications
Data classes exposed
namesemail addressesmailing addressescell phone numbersorder identifiers
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

The breach involved a third-party platform misconfiguration exposing data to the internet, not an endpoint compromise; a positive-security model on endpoints would not directly prevent this cloud misconfiguration.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other misconfig breaches on file

This page is the permanent ColdRecon entry for the Trump Mobile disclosure. It updates if new public reporting emerges. All tracked breaches →

Trump Mobile just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →