T-Mobile is continuing to update customers on its latest breach that impacted 7.8 million customers.
The telecom giant, on Friday, issued the following statement:
|TMUS||T-MOBILE US, INC.||116.04||-0.58||-0.50%|
"We have continued to work around the clock on the forensic analysis and investigation into the cyberattack against T-Mobile systems while also taking a number of proactive steps to protect customers and others whose information may have been exposed. Our investigation is ongoing and will continue for some time, but at this point, we are confident that we have closed off the access and egress points the bad actor used in the attack" the company said in its ongoing update on the situation detailed below.
T. Mobile's Attack By the Numbers
- 7.8 million current T-Mobile postpaid customer accounts that included first and last names, date of birth, SSN, and driver’s license/ID information was compromised. We have now also determined that phone numbers, as well as IMEI and IMSI information, the typical identifier numbers associated with a mobile phone, were also compromised.
- Another 5.3 million current postpaid customer accounts that had one or more associated customer names, addresses, date of births, phone numbers, IMEIs and IMSIs illegally accessed. These additional accounts did not have any SSNs or driver’s license/ID information compromised.
- We continue to have no indication that the data contained in any of the stolen files included any customer financial information, credit card information, debit or other payment information.
- Offering two years of free identity protection services with McAfee’s ID Theft Protection Service to any person who believes they may be affected
- Recommending that all eligible T-Mobile customers sign up for free scam-blocking protection through Scam Shield
- Supporting customers with additional best practices and practical security steps like resetting PINs and passwords
- Publishing a customer support webpage that includes information and access to these tools at https://www.t-mobile.com/brand/data-breach-2021
In a statement to FOX Business on Monday, a T-Mobile spokesperson said the company has been "working around the clock to investigate" the claims, but at the time was unclear how wide the attack was.
"We have determined that unauthorized access to some T-Mobile data occurred, however, we have not yet determined that there is any personal customer data involved," the spokesperson said. "We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed."
T-Mobile has suffered data breaches each of the past three years, impacting roughly 2 million customers in 2018, another million in 2019, and roughly 200,000 people in an attack at end of last year. The company's employee email system and some customer data were also hacked in March of 2020.
*This story, originally published on 8/16/21, has been updated.