T-Mobile said a “bad actor” accessed the personal data of 37 million current customers in the November data breach.
A Regulatory filings On Thursday, the company said the hacker stole customers’ names, billing addresses, emails, phone numbers, dates of birth, T-Mobile account numbers and information describing their service with the wireless carrier. No T-Mobile Social Security numbers, credit card information, government ID numbers, passwords, PINs or financial information were exposed in the hack.
However, that information can be bundled with other stolen or publicly available information and used by fraudsters to steal people’s identities or money. T-Mobile said it is working with law enforcement and has begun notifying customers whose data may have been breached.
The wireless carrier did not specify what it might do to remedy the situation. It noted that it could incur “significant costs” because of the hack, though the company doesn’t expect the charges to have a significant impact on T-Mobile’s bottom line.
(TMUS) After learning about the data breach, the company said it had appointed an external cyber security team to investigate. T-Mobile
(TMUS) We were able to find the source of the breach and stop the hack a day after it was discovered. The company says it continues to investigate the breach, but believes it is “fully contained.” It also mentioned T-Mobile
(TMUS)Its settings and network do not appear to have been hacked.
“Protecting our customers’ data remains a top priority,” T-Mobile said in a statement. “We will continue to make significant investments to strengthen our cybersecurity program.”
The company noted that it has begun a “significant, multi-year investment” in 2021 to improve its cybersecurity capabilities and defenses.