A “highly sophisticated cyberattack” has stolen the information of 40 million T-Mobile customers in the US.
T-Mobile has announced that it had experienced a data breach, compromising the data of 40 million customers. The telecommunications provider described the breach as a “highly sophisticated cyberattack.” It said it is “taking immediate steps to help protect all individuals who may be at risk from this cyberattack”. It only identified the attack after online reports released last weekend of criminals attempting to sell a large database comprising T-Mobile customer information.
“Late last week, we were informed of claims made in an online forum that a bad actor had compromised T-Mobile systems,” it said.
“We immediately began an exhaustive investigation into these claims and brought in world-leading cybersecurity experts to help with our assessment.
“We then located and immediately closed the access point that we believe was used to illegally gain entry to our servers.”
T-Mobile has emphasised that the financial details of the customers were not leaked in the breach. It has identified that the following data was compromised:
- 7.8 million current postpaid customer accounts’ information.
- 40 million records of old and prospective customers.
- The names, phone numbers, account numbers and PINs of 850,000 active prepaid customers.
T-Mobile has said that it has reset all account PINs to protect those affected. It also emphasised that no phone numbers, account numbers, PINs, passwords, or financial information of prospective customers were compromised.
“We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack,” the company said.
“While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve.”
- Powering the future of Pride: T-Mobile invests in educational equity for LGBTQ+ youth
- 5G, FWA, WWAN: Inside the Ericsson Mobility Report
- Ransomware surges in, and the data floods out
- How technology can help consumers and businesses manage personal data online
This is the second major attack on the network provider. Hackers previously stole the information of 15 million current and potential T-Mobile customers in 2015. It has yet to be confirmed if former T-Mobile customers in the UK have been included in the breach.