T-Mobile’s new year is not off to the greatest of starts after the carrier revealed details of a security breach affecting some of its customers.
A message on T-Mobile’s website says that a recently identified security incident may have allowed hackers to steal customer data such as phone numbers, number of lines subscribed to on an account, and call-related information collected as part of the normal operation of its wireless service.
T-Mobile, which merged with Sprint last year in a $26 billion deal, told Bleeping Computer that the breach affected “a small number of customers (less than 0.2%).” But as the site points out, this equals around 200,000 accounts and so the incident cannot be easily brushed aside.
Although the carrier assured customers that the accessed data did not include names linked to the accounts, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs, a breach of this nature could nevertheless undermine customer confidence in T-Mobile’s ability to safeguard data — especially as it marks the third such incident in the last two-and-a-half years, with the two earlier breaches affecting many more accounts.
Explaining this latest incident, T-Mobile said its cybersecurity team had “recently discovered and shut down malicious, unauthorized access to some information” linked to its customers. “We immediately started an investigation, with assistance from leading cybersecurity forensics experts, to determine what happened and what information was involved. We also immediately reported this matter to federal law enforcement and are now in the process of notifying impacted customers.”
T-Mobile customers keen to obtain more information about the security breach can contact the carrier online, or call 1-800-937-8997. T-Mobile store staff should also be able to assist.
The company apologized for any inconvenience while insisting that it takes the security of customer information seriously. Digital Trends has reached out to T-Mobile for the latest update on the breach and we will update this article when we hear back.