Over 40 million customer records exposed in data breach, T-Mobile confirms

No payment card details of customers or any other financial information was accessed, it asserts

US mobile carrier T-Mobile said on Tuesday that more than 40 million records from past or prospective customers who had applied for T-Mobile credit were exposed in a recent data breach.

In a statement on its website, the company disclosed that the information accessed by hackers included customers' full names, birth dates, social security numbers (SSNs), and IDs such as driver's licenses.

Files stolen by hackers do not appear to have included any customer financial information, debit/credit card details, or any other financial data, the company said.

"Our preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts' information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile," it added.

"Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers."

The mobile carrier also confirmed that the names, phone numbers and account PINs of nearly 850,000 active T-Mobile prepaid customers were exposed in the hack.

All of the PINs of those accounts have been reset, and the company is currently in the process of notifying those customers.

T-Mobile also found that hackers were able to access some data from inactive prepaid accounts through prepaid billing files.

While the company did not say what information from those prepaid accounts was exposed, it noted that "no customer financial information, credit card information, debit or other payment information or SSN" was present in those files.

T-Mobile said it takes "customers' protection very seriously" and will continue to work around the clock to ensure that appropriate steps are taken to protect customers from malicious actors.

The carrier is advising all T-Mobile postpaid customers to change their PIN by logging in to their T-Mobile account online or by calling customer care. The company is also offering customers 2 years of free identity protection services with McAfee's ID Theft Protection Service.

Earlier this week, T-Mobile announced that it was investigating a leak of its data after someone on an underground forum claimed to have obtained data on more than 100 million mobile customers.

While that forum post did not mention T-Mobile, the seller told Motherboard that they had obtained data from multiple servers related to T-Mobile.

Motherboard also reported that the hacker was selling a portion of the stolen data (containing about 30 million driver's licences and social security numbers) on the underground forum for 6 bitcoin (about $270,000).

An individual with the username 'und0xxed' on Twitter told Krebs on Security that they were trying to find buyers for the stolen T-Mobile customer data. Und0xxed said that the breach occurred after the intruders "found an opening in T-Mobile's wireless data network" which allowed them to access two of T-Mobile's customer data centres.

T-Mobile is one of the largest mobile carriers in the US, along with Verizon and AT&T. The company bought rival firm Sprint in 2020, and reported having a total of 102.1 million US customers after the merger.

Over the years, T-Mobile has disclosed many security incidents, most recently one in January that involved unauthorised access to customer data.

A data breach last year also affected email accounts of a number of T-Mobile employees.