7.8 million customers’ personal data stolen in cyberattack on T-Mobile’s postpaid service

The personal data of more than 7.8 million current customers and the records of more than 40 million former or prospective postpaid users has been compromised in a cyberattack, T-Mobile US announced on Wednesday.

The company discovered the attack last week after claims were made online that “a bad actor had compromised T-Mobile systems,” leading the company to launch an “exhaustive investigation,” a statement released on Wednesday revealed.

An initial assessment of the breach by the company estimated that around 7.8 million current postpaid customer accounts had information stolen, along with more than 40 million records of former or potential users who had applied for credit with the company. 

Information in the stolen files included customers’ first and last names, date of birth, social security numbers and driver’s license and ID information. However, T-Mobile stressed that “no phone numbers, account numbers, PINs, passwords, or financial information were compromised.”

After uncovering the cyberattack, using experts in the field, T-Mobile identified and closed the point of entry believed to have been used to access the company’s servers and steal the data. 

As a result of the breach, T-Mobile has offered those affected 2 years of free identity protection services and encouraged all customers to change their PIN as a precaution.

The company had previously acknowledged a breach had occurred but had not provided detailed information about what was targeted or who was affected. T-Mobile’s statement did not accuse or identify who might have been responsible for the attack, although it said that the investigation is still ongoing.

Think your friends would be interested? Share this story!