TMUS -0.52%
US Inc. said: The hackers gained access to the data, including birthdates and billing addresses, of about 37 million of its customers. The second largest security breach in the wireless company.
The company said in a regulatory filing on Thursday that it discovered the intrusion on January 5 and is working with law enforcement officials and cybersecurity advisors. T-Mobile said it believes hackers had access to its data as early as November 25 but has since managed to stop the malicious activity.
The cellphone company said it is currently notifying affected customers and that it believes the most sensitive types of records — such as credit card numbers, Social Security numbers and account passwords — have not been compromised.
The company said its preliminary investigation indicated that data on 37 million existing postpaid and prepaid customer accounts had been disclosed. The company said the hackers may have accessed names, billing addresses, emails, phone numbers, dates of birth and account numbers. It was also possible to access information such as the number of lines on the account and plan features, the company said.
“Few basic customer information (almost all of it of the type widely available in marketing databases or directories) was obtained,” T-Mobile said in a statement. “Passwords, payment card information, Social Security numbers, government identification numbers, or other financial account information were not compromised.”
The company said its systems weren’t hacked but someone was improperly obtaining data through an application programming interface, or Application Programming Interface, that could provide some customer information. The company said it shut down the activity within 24 hours of its discovery.
The company’s investigation into the incident is ongoing. T-Mobile warned that it could incur significant costs related to the accident, though it said it does not currently expect a material impact on the company’s operations.
T-Mobile acknowledged a security breach last year after personal information Regarding more than 50 million From its current, past and potential clients for sale online. T-Mobile later raised its estimate and said about 76.6 million U.S. residents had some type of exposed records.
A 21-year-old American living in Turkey has claimed credit for breaking into 2021 He said the company’s security practices It paved an easy path for data theft, which included social security numbers, dates of birth, and phone IDs. T-Mobile CEO He later apologized for the failure He said the company will work to improve data protection measures.
T-Mobile The proposed payment of $350 million to settle a class action lawsuit related to the hack in 2021.
Write to Will Feuer at [email protected]
Copyright © 2022 Dow Jones & Company, Inc. All Rights Reserved. all rights are save. 87990cbe856818d5eddac44c7b1cdeb8
“Infuriatingly humble alcohol fanatic. Unapologetic beer practitioner. Analyst.”