The T-Mobile data breach affected the data of 37 million customers

The T-Mobile data breach affected the data of 37 million customers

T-Mobile has admitted that hackers were able to steal the information of about 37 million postpaid and prepaid customers in another major data breach. The carrier said in a regulatory filing that it discovered the issue on January 5, but that it believes the bad actors had been taking data from the company since November 25. In a post announcing the breach, T-Mobile revealed that the hackers used an API to steal customer information.

Although the company was able to contain the issue 24 hours after discovering the malicious activity, the bad actors had access to its data long enough to steal people’s names, billing addresses, emails, phone numbers and birthdays. steal They were also able to find users’ account numbers and information about their plans, such as the number of lines they have. T-Mobile, however, said it has not come across evidence that its network or systems have been compromised. “No passwords, payment card information, social security numbers, government identification numbers or other financial account information were stolen”, the company said.

The carrier is still investigating the incident to gain a more detailed view of what happened, but has already warned investors that it is likely to incur significant costs as a result of the incident. According to The Wall Street JournalThe Federal Communications Commission also opened an investigation into T-Mobile, because as a spokesperson told the publication, “this incident is the latest in a series of data breaches at the company.”

If you recall, the carrier confirmed in August 2021 that ten million customers were affected by a data breach that exposed their sensitive information, including their social security numbers and driver’s licenses. T-Mobile CEO Mike Sievert said back then that the hacker used “specialized” tools and knowledge of its infrastructure to gain access to its test environment. While that breach initially affected about 30 million customers, it eventually went to 76.6 million customers.

Nearly a year later, the carrier agreed to pay $350 million to settle a consolidated class action lawsuit and pledged to spend $150 million to update its data security technologies. As The New York Times reports, the company said that “significant progress has been made so far” on those updates, but it was clearly not enough to prevent this incident. In its announcement, however, T-Mobile promised to continue making ‚Äúsubstantial multi-year investments in strengthening [its] cyber security program.”

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories contain affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at time of publication.

Leave a Reply

Your email address will not be published. Required fields are marked *