Malcolm Owen
T-Mobile has confirmed it is the victim of a server breach where attackers accessed customer data, with the recently-discovered intrusion involving personal data potentially affecting as many as two million users of the major U.S. carrier.
A notice to customers on the T-Mobile website advises the carrier's cyber-security team "discovered and shut down an unauthorized access to certain information" on August 20. After discovering the breach, T-Mobile notes it "promptly reported it to authorities."
It is advised the breach did not involve the acquisition of financial data, including credit card information, nor did it compromise social security numbers or passwords. Of the data that has been exposed, T-Mobile states it may include a user's name, billing zip code, phone number, email address, account number, and whether it is a prepaid or postpaid account.
T-Mobile is currently in the process of notifying customers affected by the breach, and advises those with questions about the incident or their account to contact customer care. Customers who don't receive the notification are not affected by the attack, but are also encouraged to contact customer services with their queries.
While the exact number of customers affected by the breach has not been officially released, a company spokesperson told Motherboard it is "about" or "slightly less than" three percent of its 77 million customers. Hypothetically, if a full three percent of customers were affected, this would put the total number at approximately 2.31 million users.
The spokesperson advised the incident took place early on August 20, with the hackers believed to be part of an "international group," though it is unknown if the hackers are criminals or state-sponsored actors. Specifics of the attack were also not able to be provided, but the spokesperson claims "We found it quickly and shut it down very fast."
T-Mobile customers can contact customer care by dialling 611 from their device, use two-way messaging on my-tmobile.com, the T-Mobile app, or iMessage through Apple Business Chat. A callback can also be requested via the app and the website.
Andrew Orr
Amber Neely
William Gallagher
Christine McKee
AppleInsider Staff
43 Comments
I am loyal to ATT. They were the only ones who gave iPhone a chance. Nobody else had any faith in Apple.
That article recently about the 17 year old that hacked the MySql databases in voting machines in a training exercise in a few minutes and was able to change the numbers or even delete them was the scariest thing I've read in a long time. Time to go back to all paper ballots, pigeons for mail me thinks!
Kudos to T-Mobile for reporting it so quickly. Typically, the hacked firm takes months before they make it public and notify those whose data was stolen.