T-Mobile breach exposes personal customer information

T-Mobile on Thursday reported a recent data breach in which potentially sensitive information, including customer names and billing addresses, was leaked to an unidentified attacker or attackers.

Other information potentially fed to hackers includes customer phone numbers and their rate plan and attached feature set, T-Mobile said in a statement posted to its website. No financial information, social security numbers or passwords were divulged in the attack.

The carrier is required to provide notice of the breach under U.S. Federal Communications Commission guidelines, which considers rate plans and features of voice calling services "customer proprietary network information." Customers received word of the security issue today and were directed to an informational page on T-Mobile's website.

A company spokesperson told CNET that a "very small single digit percentage of customers" were impacted by the incident.

Today's intrusion comes more than a year after T-Mobile suffered a similar breach that impacted some two million people in August 2018. In a statement at the time, the wireless operator said customers' names, billing zip codes, phone numbers, email addresses, account numbers and rate plans were exposed to hackers.

T-Mobile is on the verge of closing a $26.5 billion merger deal with Sprint after receiving final approval from the FCC earlier in November. The two companies now face a group of state attorneys general who have sued to derail the agreement.