Another T-Mobile Security Incident Results in Some Customers' Personal Data Being Exposed to Hackers

The company states that no credit card or social security data was accessed by the hackers

Another T-Mobile Security Incident Results in Some Customers' Personal Data Being Exposed to Hackers
Image: Pixabay
August 24, 2018

Is your phone service currently through T-Mobile? If so, listen up. T-Mobile has confirmed that hackers breached its systems and gained access to some customer data.

What Data Was Stolen?

The company, which is currently merging with Sprint, issued a statement saying that hackers stole customer names, phone numbers, email addresses, billing zip codes, account numbers, and the customer account type (whether it was prepaid or not). The company is describing the breach as an "unauthorized capture of data."

Discovery of the Data Breach

The company's cybersecurity team discovered and shut down the unauthorized access on August 20, 2018. The company insist that no financial data, including credit card information or Social Security numbers, were involved. It also says that no passwords were compromised.

Who Is Affected?

It is uncertain how many customers were impacted by this latest breach. Various media outlets are reporting different figures, citing various company spokespersons. An official number from the company has not been released.

T-Mobile begin notifying customers of the breach today with a text message sent to affected accounts. However, some customers reported this text message as suspicious, stating that it looked like a phishing attempt due to the shortened URL that directs them to an online statement.

This is not the first security incident

This latest breach is one of a number of security incidents at the company this past year. In May 2018, a security weakness in a T-Mobile subdomain used by staff was discovered, which returned customer data without requiring a password. It was similar to another vulnerability found a few months earlier that exposed customer email addresses and billing account numbers. The company was also forced to stop sharing customer location data with third parties after some criticized the practice.

Should you change your passwords?

Data breaches are serious, even if no financial information or Social Security numbers are exposed. Other personal details are also sensitive. If you were affected by this breach, you should consider changing your account password as an added safety precaution as data breaches that initially report no access to passwords are sometimes revised at a later date once companies have time to thoroughly examine their systems.

If you have questions

Any T-Mobile customer with questions or concerns can contact customer care by dialing 611 from a T-Mobile phone or by calling (877) 453-1304.