T-Mobile has suffered yet another data breach, with the personal information of 37 million customers being compromised. The hacker, who the company referred to as a “bad actor,” was able to access names, birth dates, and phone numbers from the carrier’s customer accounts. The incident occurred on January 5th, but the company was able to plug the hole with the help of outside cybersecurity experts the following day.
According to T-Mobile, there was no indication that their security systems had been compromised. The hack also did not reveal sensitive information such as social security numbers. Government identification numbers, passwords, or payment card information. However, the exposed information did include names, billing and email addresses, phone numbers, birth dates, T-Mobile account numbers, and information on plans and subscriptions.
Not all accounts were affected to the same degree, with some having only a subset of the aforementioned information leaked. The company is currently in the process of informing affected parties of state and federal requirements.
This is not the first time T-Mobile has experienced a data breach, with a similar incident occurring in August 2021. Where the personal information of nearly 77 million customers was compromised. The previous breach included sensitive information such as social security numbers and driver IDs. The company was ordered to pay $350 million in settlements to customers. Invest an additional $150 million in enhancing its cybersecurity practices and technologies. In the recent filing, T-Mobile stated that it had made “substantial progress” in implementing these upgrades.