Mobile telecommunication company T-Mobile US, Inc. has revealed that a data breach on its systems that compromised some of its customers’ personal information.
According to an official announcement from the company, T-Mobile’s cybersecurity team recently identified and shut down a malicious attack against their email vendor that led to unauthorized access to certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees.
Information accessed illegally may have included names and addresses, phone numbers, account numbers, rate plans and features, and billing information. T-Mobile claims financial information (including credit card information) and Social Security number were not impacted. The company also noted that they are not aware of any evidence where the information contained in the affected email accounts has been used to commit fraud or otherwise misused.
However, T-Mobile did urge its customers to review account information and update the personal identification number (PIN/passcode) on their T-Mobile account. To prevent any further security incidents, the company claims they are “always working to enhance security” so they can stay ahead of this type of activity and protect their customers. “We also are reviewing our security policies and procedures to enhance how we protect these systems,” says the announcement.
It is not known how many customers were affected by the data breach. However, it’s important to consider that T-Mobile services 86.0 million customers in total, according to its Q4 2019 data. In addition, this is not T-Mobile’s first security incident. In 2019, T-Mobile suffered a data breach that affected its pre-paid customers. And in 2018, T-Mobile customers were also affected by a data breach that compromised customer names, billing ZIP codes, phone numbers, email addresses, account numbers, and account types (prepaid or postpaid).