T-Mobile customers are the victim of yet another hack, this one following a major breach the wireless carrier revealed in late 2015. According to the Uncarrier, its team found an “unauthorized access” of its system exposing some information about its customers. T-Mobile put an end to that access, but it wasn’t in time to prevent things like names, phone numbers, and email addresses from being left vulnerable.
T-Mobile disclosed the breach today, explaining that while it didn’t involve financial details or Social Security numbers, some customer data was left exposed to the hackers. In addition to the personal data mentioned above, the hackers may have been able to access customers’ account types, such as whether they were prepaid, and account numbers.
Customers impacted by the security issue have been notified of the potential data theft; subscribers who haven’t been notified weren’t exposed. Individuals who received an alert — including impacted MetroPCS customers — are able to contact T-Mobile’s Customer Care about the matter; this can be done by dialing 611 from the smartphone or using the T-Mobile App, among other things.
T-Mobile hasn’t revealed any information it may have about the nature of the breach, including whether they know who was behind it. The carrier says it reported the intrusion to law enforcement, but no additional info was provided.
However, a T-Mobile spokesperson clarified the scope of the matter to Motherboard, reporting that 2 million wireless customers were impacted by the breach. As well, the rep revealed that passwords were exposed — to a degree — by the intrusion, but weren’t mentioned in the official disclosure due to being encrypted.