T-Mobile hack exposes personal info on 2.3 million customers

An international hacking group successfully exposed the personal information of roughly 2.3 million T-Mobile customers, the carrier has revealed, though particularly sensitive details were apparently spared. T-Mobile shut down the hack on August 20 and is in the process of notifying affected customers by text message.

The company’s official statement on the hack says that potentially exposed data includes customer names, billing zip codes, phone numbers, email addresses, account numbers, and prepaid or postpaid account types. But critically, T-Mobile says credit card information, social security numbers, and passwords were not compromised. It also says that customers who don’t receive notifications were not impacted by the hack.

Additional details a T-Mobile spokesperson shared with Motherboard confirm the scope of the hack — “about” or “slightly less than” 3 percent of the company’s 77 million customers are affected, which would be just under 2.31 million accounts. The carrier says that the hack was achieved through a T-Mobile API and was detected and stopped the same day it began. Hackers from an “international group” are allegedly responsible and currently being pursued by authorities.

T-Mobile is hardly the only carrier affected by user data hacks, as AT&T and Verizon have both suffered security breaches that impacted clusters of users over the years. Thankfully, the scope of these hacks has been more limited than some of those impacting other companies, such as Equifax, which famously saw 143 million customers compromised last year.

Regardless of whether you’ve received a warning text message, the company invites concerned customers to reach out using 611 from a T-Mobile phone or messaging via MyT-Mobile.com, the T-Mobile App, or iMessage through Apple Business Chat. T-Mobile has not said whether it will be implementing new security measures to prevent further intrusions.