Hackers recently came out claiming to have stolen the data from 100 million T-Mobile customers. Now, T-Mobile has confirmed that there was a breach and that more than 40 million records were stolen. However, these were not just T-Mobile customers, as some records were from people who applied for a T-Mobile account in the past and previous customers.
What Information Did the Hackers Get?
T-Mobile issued a statement on its website where it addressed the hack. In it, the company said, “that a subset of T-Mobile data had been accessed by unauthorized individuals.”
As far as what data was acquired, T-Mobile said that some current, former, and prospective customers had their first and last names, date of birth, social security numbers, and driver’s license/ID information stolen.
The company said that it has “no indication that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information.” That’s a small silver lining, but the information that was taken could be just as devastating as payment information, if not more so.
In total, T-Mobile says that 7.8 million current postpaid customers’ information was stolen, and over 40 million former or prospective customers’ data was contained in the hack.
Prepaid customers were also affected by the hack, as 850,000 prepaid customer names, phone numbers, and account PINs were also exposed. T-Mobile said that it reset the PINs on these accounts. The company also said that although some inactive prepaid accounts were included in the hack, “no customer financial information, credit card information, debit or other payment information or SSN was in this inactive file.”
What Is T-Mobile Going to Do?
The hole exploited was quickly closed by T-Mobile, so there’s no current risk of more data being leaked.
As far as those directly affected by this leak, T-Mobile intends to reach out to the customers whose data was included. The company will offer two years of free identity protection through McAfee’s ID Theft Protection Service.
Additionally, T-Mobile recommends postpaid customers change their PIN by going online into their T-Mobile account or calling T-Mobile customer service by dialing 611 on their phone. The company also recommends a feature called Account Takeover Protection that prevents unauthorized individuals from stealing a phone number and porting it out of T-Mobile.
Finally, the company will publish a website “for one-stop information and solutions to help customers take steps to further protect themselves.”