T-Mobile security breach exposes customer data: Why only prepaid?

By Eric Abent/Nov. 22, 2019 2:55 pm EST

If you're a T-Mobile prepaid user, then we've got some sour news to kick off your weekend. T-Mobile announced today that a number of its prepaid subscribers have had their personal information compromised in a data breach. The good news is that none of the financial data, social security numbers, or passwords associated with these accounts were compromised.

Still, T-Mobile's statement about the data breach gives reason for pause. The company says that that some customer data was still accessed, including name, billing address, phone number, account number, rate plan and the optional features that may have been attached to it.

T-Mobile doesn't say how many customers were impacted by this breach, but it does say that it's notifying the customers that were affected. If you wind up receiving one of those notifications, the company recommends either confirming or updating your account's PIN by dialing 611 from your T-Mobile device. You can also reach customer service by dialing 1-800-TMOBILE from any phone.

Even if you don't receive a notification – which T-Mobile says are in the process of being sent out – it wouldn't be a bad idea to call customer service anyway and update your PIN. T-Mobile also says that lapsed prepaid customers can email privacy@t-mobile.com to see if their information was impacted, but it seems that even those who are no longer prepaid users will still get a notification if their data was accessed.

So, even though it's good that financial data and social security numbers weren't accessed in this breach, this is still a headache for anyone who was hoping that T-Mobile would keep their personal data safe, which we would imagine is every single prepaid customer. This, unfortunately, is not the first data breach we've heard about today, as OnePlus customers have also found themselves in a similar situation.

It's interesting that this data breach only affected T-Mobile's prepaid customers while postpaid customers are apparently safe. We probably won't get a direct explanation for that, but it does make us wonder if T-Mobile is more lax with prepaid security than it is with security for postpaid customers.