T-Mobile experienced another security breach in less than 18 months. The carrier revealed that a hacker stole data, including names, dates of birth and phone numbers, from 37 million customer accounts.
The “bad actor” was initially found to have obtained the data on January 5, and the carrier closed the hole with the help of external cybersecurity experts the next day.
According to the telecommunications company, there was no evidence that its security systems were compromised, and the mechanism used by the hacker did not expose more sensitive data such as social security numbers, government identification numbers, passwords or payment card information.
The disclosed information included names, billing and email addresses, phone numbers, dates of birth, T-Mobile account numbers, and information about plans and subscriptions. But not all accounts had the full list of data leaked. The airline is in the process of notifying affected parties in accordance with state and federal requirements.
Just a year and a half ago, in August 2021, data from nearly 77 million T-Mobile accounts was leaked, and back then it included SSN and driver IDs. After a lawsuit, the company was ordered to pay $350 million to settle customer claims and to invest $150 million more in improving its cybersecurity practices and technologies. In the latest filing, T-Mobile revealed that it has “made significant progress to date” on these upgrades.
