T-Mobile reports another data breach, impacting 37 million customers

T-Mobile on Thursday said it’s been hit by another data breach, this time impacting approximately 37 million customers. The wireless carrier said a bad actor obtained basic customer information — like names, account numbers and billing addresses — but did not access any sensitive customer information such as government ID numbers or payment card information. 

According to a disclosure document T-Mobile filed with the US Securities and Exchange Commission, the company believes the bad actor first gained access to customer information around Nov. 25, 2022. T-Mobile discovered the breach on Jan. 5, 2023. Within 24 hours, the company traced the source of malicious activity and stopped it. 

The hacker used a single Application Programming Interface (API) to gain access to T-Mobile data. The company is still investigating the breach but said the malicious activity appears to be fully contained. 

The breach hit postpaid and prepaid customer accounts. According to T-Mobile, no passwords, payment card information, Social Security numbers, government ID numbers or other financial account information was compromised. The hacker did gain access to basic data like customer names, billing addresses, emails, phone numbers, dates of birth, account numbers, and information such as the number of lines on the account and service plan features.

So far, there’s no evidence that the bad actor was able to breach or compromise T-Mobile’s systems or its network. 

T-Mobile is currently in the process of informing customers about the incident and is working with law enforcement to

Read more

Explore the site

More from the blog

Latest News