The US telecom T-Mobile has confirmed that it suffered a data breach in which a malicious actor was able to obtain the personal data of over a million of its customers.
Thankfully though, no financial or password data was exposed and the company has alerted affected customers regarding the breach.
The malicious actor was able to obtain the names, billing addresses, phone numbers, account numbers and rate plans and features purchased by T-Mobile's prepaid data customers. The company provided more details on the data breach in a disclosure notice (opens in new tab) saying:
- T-Mobile continues US 5G crusade with 600MHz call tests
- Macy's hit by customer data breach
- Also check out the best identity theft protection
“Our Cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities. None of your financial data (including credit card information) or social security numbers was involved, and no passwords were compromised.”
Although the personal information of over a million of its customers was exposed, T-Mobile disclosed the data breach in a prompt manner but its disclosure notice provided very few details on what actually happened.
TechCrunch asked a company representative to provide more information on the breach to which they said that “less than 1.5 percent” of its customers were affected.
The data breach itself was discovered in early November and shut down “immediately” according to the representative.
The information obtained by the malicious actor is not enough to try and breach users' other accounts since no passwords were exposed, though hackers could try and steal their identities or take over their accounts. T-Mobile customers whose personal information was exposed should also change their passwords just in case.
- Keep your devices protected from the latest cyber threats with the best antivirus software
Via TechCrunch (opens in new tab)