T-Mobile Confirms Data Breach Of 37 Mln US Customer Accounts

tmobile jan20 lt

T-Mobile US, Inc. in a regulatory filing confirmed that it has suffered a cyber attack, in which data for approximately 37 million current postpaid and prepaid customer accounts were stolen.

According to the company, there is currently no evidence of breach or compromise to its systems or network.

The telecom major is in the process of informing impacted customers that a bad actor used a single Application Programming Interface or API to obtain limited types of information on their accounts.

In a filing with the U.S. Securities and Exchange Commission, T-Mobile said the impacted API was able to provide some basic customer information, including name, billing address, email, phone number, date of birth, T-Mobile account number and information regarding the number of lines on the account and plan features.

However, no passwords, payment card information, social security numbers, government ID numbers or other financial account information were compromised.

T-Mobile said that on January 5, it identified that a bad actor was obtaining data through a single API without authorization.

The company, through an investigation with external cybersecurity experts, were able to trace the source of the malicious activity and stop it within 24 hours. The investigation is still ongoing, but the malicious activity appears to be fully contained at this time.

It is now believed that the bad actor first retrieved data through the impacted API starting on or around November 25, 2022.

T-Mobile said it has notified certain federal agencies about the incident, and are concurrently working with law enforcement. The company at present does not expect that the incident will have a material effect on its operations.

The company said, "We understand that an incident like this has an impact on our customers and regret that this occurred. While we, like any other company, are unfortunately not immune to this type of criminal activity, we plan to continue to make substantial, multi-year investments in strengthening our cybersecurity program."

For comments and feedback contact: editorial@rttnews.com

Business News

Editors Pick
Shares of Inditex SA were gaining around 6 percent in the morning trading in Spain after the clothing firm that owns Zara reported Wednesday significant growth in its first-quarter profit on higher revenues as well as the absence of a prior year provision. Regarding the second quarter to date, the company said its store and online sales in constant currency between May 1 and June 4 increased 16.. The U.S. Consumer Product Safety Commission or CPSC, along with Golden, Colorado-based Boppy Co., urged consumers to stop using recalled Boppy Newborn Loungers, following reports of more infant deaths. They also asked online marketplaces to stop selling the recalled product. The company in September 2021 had recalled over 3.3 million infant lounging pillows after it was connected with deaths of 8 Apple has unveiled a bunch of new products for its customers including its first spatial computer Vision Pro Headset. The tech major has also introduced iOS 17, 15-inch MacBook Air, iPadOS 17, TvOS 17 For Apple TV, WatchOS 10 For Apple Watch, New Mac Studio, Mac Pro, and M2 Ultra, among others. The Apple Vision Pro features visionOS, the world's first spatial operating system.
Follow RTT