Hackers stole data of 7.8 million current T-Mobile customers, as well as 40 million records of former or prospective customers
The scale of the hacker break-in at US telecoms company T-Mobile has been revealed, with millions of current and former customers impacted.
On Monday, T-Mobile confirmed that “some” customer data had been compromised, after it investigated media reports of a forum post, which claimed to have data of over 100 million T-Mobile customers, stolen from T-Mobile servers.
In an update on Tuesday, T-Mobile reported its findings of the cyberattack, and confirmed that personal data, including customers’ first and last names, date of birth, SSN, and driver’s license/ID information had been compromised. It said it had “no indication” that any financial data (credit card, debit or other payment information) had been compromised (at this time).
“As we shared yesterday, we have been urgently investigating the highly sophisticated cyberattack against T-Mobile systems, and in an effort to keep our customers and other stakeholders informed we are providing the latest information we have on this event and some additional details,” said the US mobile operator.
T-Mobile said that its preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files.
Even worse, T-Mobile said that just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile, were also compromised.
However it said that no “phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.”
“As a result of this finding, we are taking immediate steps to help protect all of the individuals who may be at risk from this cyberattack,” the operator said.
T-Mobile customers will be immediately offered 2 years of free identity protection services with McAfee’s ID Theft Protection Service.
It is also recommending (as a precaution) that all T-Mobile postpaid customers proactively change their PIN by going online into their T-Mobile account or calling their Customer Care team by dialing 611 on their phone.
The operator is also offering customers an extra step to protect thier mobile account with T-Mobile’s Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.
It has also provided customers with a dedicated webpage for customers over the matter.
“At this time, we have also been able to confirm approximately 850,000 active T-Mobile prepaid customer names, phone numbers and account PINs were also exposed,” the operator said. “We have already proactively reset ALL of the PINs on these accounts to help protect these customers, and we will be notifying accordingly right away. No Metro by T-Mobile, former Sprint prepaid, or Boost customers had their names or PINs exposed.”
T-Mobile said that it has confirmed that there was some additional information from inactive prepaid accounts accessed through prepaid billing files. But no customer financial information, credit card information, debit or other payment information or SSN was compromised it said.
It should be noted that T-Mobile has been hacked on multiple occasions in the past, with some publications reporting that the operator has been hacked as many as five times in recent years.
In 2015 the personal data on 15 million T-Mobile USA customers appeared online for sale.
T-Mobile last year finally completed its $26 billion acquisition of rival Sprint, in a deal that took years to complete.
The merger, which almost took place in 2014, was revealed in April 2018, but faced significant regulatory scrutiny over concerns it would reduce competition, and result in higher prices for consumers.
Deutsche Telekom, which owns T-Mobile, had been negotiating with Japan’s SoftBank, which controlled Sprint, for years.