7.8 million active T-Mobile postpaid accounts had personal data stolen during last week’s data breach
No Metro by T-Mobile customers, former Sprint prepaid subscribers, and Boost Mobile users had their names or PIN numbers exposed.
We have no indication that the data contained in the stolen files included any customer financial information, credit card information, debit, or other payment information.
Some of the data accessed did include customers’ first and last names, date of birth, SSN, and driver’s license/ID information for a subset of current and former postpay customers and prospective T-Mobile customers.
Our preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile. Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.”
T-Mobile recommends that postpaid account holders reset their PIN number
The attacker supposedly relied on lax security to break into T-Mobile’s backup servers which contain unencrypted data dating back to the mid-1990s. A sample of the data stolen included important data such as names, addresses, and serial numbers that can help to identify the specific handset unit that a customer uses, and the subscriber identity module, or SIM. With the latter information, an attacker could steal a victim’s phone number or create other fraudulent scenarios.
While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve.”