T-Mobile customers have been caught up in a recent hack, the company said on Friday.
T-Mobile told TechCrunch that “less than 1.5%” of its customers had been affected, meaning around a million people may have had their data compromised in the incident.
The intrusion, which has alarming echoes of another T-Mobile hack in 2018, was discovered earlier this month and shut down immediately, the company said. We’ve reached out to T-Mobile for more information about the precise nature of the breach and will update this piece if we hear back.
In a message to affected customers, America’s third most popular carrier said that its cybersecurity team had recently discovered “malicious, unauthorized access to some information” related to T-Mobile accounts.
It said the stolen data is likely to have included information associated with a customer’s prepaid service account, including name, billing address (if one was provided when the account was set up), phone number, account number, rate plan, and details of any added features, such as international calling.
T-Mobile was keen to reassure customers that no financial data, such as payment card numbers, was taken in the breach, nor were any social security numbers involved. Account passwords are also safe, it said.
This month’s hack follows a similar one that affected around 2 million T-Mobile customers in August 2018, which the company blamed on an unidentified group of international hackers.
While any security breach has to be taken seriously, the nature of the stolen data in this latest incident could have been a lot worse. But affected customers will likely still be upset that hackers were able to breach the company’s cyber defenses for the second time in just over a year, with the stolen data potentially proving useful to criminals intent on misdeeds such as identity theft or account hijacking.
News of the hack comes just days after John Legere, T-Mobile’s charismatic CEO, announced he will step down in April 2020 after seven years in the hot seat. Mike Sievert, T-Mobile’s current president and chief operating officer, is expected to replace Legere as the company continues to prep its expected merger with Sprint.
- Hackers expose personal details of 10 million MGM hotel guests
- Attacks from Chinese hacking group have spiked, U.S. firm says
- Best Identity Theft Protection of 2020
- Marriott data breach: What to know and how to protect your data
- Walgreens mobile app leaked some customers’ personal data