A “highly sophisticated” cyber-attack illegally accessed nearly 55 million customer records of mobile phone carrier T-Mobile, the largest such attack against the company that has been hit at least four previous times since 2018.
The company acknowledged Tuesday that hackers stole personal information on more than 7.8 million existing customers, 40 million former or prospective customers, and 850,000 prepaid customers. The breach came to light after a hacker made claims on the dark web to have accessed and stolen the information of more than 100 million T-Mobile customers, as reported by Vice.
On Friday, T-Mobile updated those numbers, saying hackers stole information on 13.1 million existing customers; 40.6 million former or prospective customers; and over 900,000 prepaid customers, bringing the total customers affected to approximately 54.6 million. In addition, T-Mobile said customer phone numbers as well as IMEI and IMSI information, the typical identifier numbers associated with a mobile phone, were also compromised.
T-Mobile said the personally identifiable information accessed included customers’ first and last names, Social Security numbers, and driver’s licenses. The company said no financial information, account numbers, PINs, passwords, credit or debit card numbers, or other payment information were obtained.
However, prepaid customers had their names, phone numbers, and account PINs exposed. T-Mobile said it automatically reset all prepaid customers’ PINs.
The company said in response it has notified affected customers and offered two years worth of free identity protection with McAfee’s ID Theft Protection Service. The company also recommends all its customers proactively change their PIN numbers. T-Mobile posted the address of a Webpage that provides suggestions to customers on how to protect themselves and their identities.
“While our investigation is still underway and we continue to learn additional details, we have now been able to confirm that the data stolen from our systems did include some personal information,” T-Mobile said in a press release. “We have no indication that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information.”
Hacks of major businesses have become commonplace, but T-Mobile’s vulnerability has worsened over time. This most recent breach is by far the worst of at least five reported by the mobile carrier since 2018.
In December 2020, about 200,000 T-Mobile customer records were accessed, according to The Verge. The company was also hit with breaches in March 2020 and November 2019, although it did not reveal the number of customer records accessed by hackers in either incident. In 2018, T-Mobile reported more than 2 million customer accounts were compromised in a hack.
In the most recent attack, bad actors accessed the company’s servers and stole customer information, but T-Mobile did not offer more details on how the breach occurred. The company said it acted quickly to locate and close the access point and that it has coordinated its response with law enforcement.
“We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack,” T-Mobile stated. “While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve.”
Editor’s note: This story was originally published Aug. 18 and updated Aug. 20 to reflect T-Mobile’s latest assessment of the cyber-attack’s extent.