T-Mobile data breach exposes millions of customers’ personal data

T-Mobile has said that it has been hit by a “highly sophisticated cyberattack” that compromised the personal data of more than 7.8 million customers.

Additionally, more than 40 million records belonging to former and prospective customers were affected.

In a statement, it confirmed that the stolen data included US customers’ full names, dates of birth, Social Security numbers and ID information.

Additionally, approximately 850,000 active T-Mobile prepaid customers’ phone numbers and account PINs were compromised.

The incident was discovered after reports last weekend that criminals were attempting to sell a large database containing T-Mobile customer data.

That means the attackers were able to break into the telecoms company’s systems and exfiltrate data without setting off any alarms.

Mitigating the damage

After disclosing the breach, T-Mobile said it was “confident” that it had shut down the point of entry used by the attackers.

It added that it was conducting a “deep technical review of the situation across [its] systems” to identify the full extent of the attack.

As often happens in incidents such as this, T-Mobile has offered its customers two years of complementary identity protection services.

“We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack,” the organisation said.

“While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve.”

This is the fourth time in the past two years that T-Mobile has been breached. In December 2020, the company confirmed phone numbers and call records had been exposed after an attacker compromised its systems.

Nine months earlier, its cyber security team disclosed an attack against its email vendor, which came hot on the heels of an another unauthorised actor accessing its systems.

The Weekly Round-up: subscribe now