The Desk appreciates the support of readers who purchase products or services through links on our website. Learn more...

T-Mobile affirms data breach involving, current, former customers

Photo of author
By:
Matthew Keys
»

mkeys@thedesk.net

Share:
A mobile phone running on the T-Mobile wireless network. (Photo: The Desk)

The personal information of more than 50 million current and former T-Mobile wireless customers was compromised in a massive data breach, the company said this week.

The affirmation comes after a reporter with the website Motherboard spotted posts on a so-called “Dark Web” marketplace that offered batches of the data for sale.

In a statement published on Wednesday, T-Mobile said names, addresses, dates of birth, driver’s license information and Social Security Numbers of its current and former customers were included in the breached data.

T-Mobile said the customer data was mostly connected to current and former customers who applied for various credit products through T-Mobile. The company is known to run credit background checks on customers who want to purchase certain devices, like expensive smartphones, on installment; some other customers are asked to undergo a credit check in order to get post-paid wireless service.

Along with the credit information, personal information of around 7.8 million T-Mobile post-paid service customers was included in the data breach, along with service-related information for hundreds of thousands of T-Mobile pre-paid customers.

No specific financial information like credit cards or bank account numbers were apparently compromised, the company said, though its investigation is still ongoing. The breach did not extend to other T-Mobile brands, including Metro by T-Mobile (“MetroPCS”), Boost Mobile or Sprint.

An internal investigation revealed security gaps in some servers used by T-Mobile allowed an unidentified “bad actor” to gain access to the customer information, the company said. After consulting “world-leading cybersecurity experts,” the company was able to shut off outside access to those servers.

T-Mobile said affected customers are being contacted with an offer to subscribe to two years of free identity theft protection services offered by McAfee.

It was the third known data breach to hit T-Mobile’s servers in less than two years. In January, the company said similar customer information was stolen through a similar incident, and a phishing campaign against some T-Mobile employees in 2020 led to the theft of other customer-related information.

Never miss a story

Get free breaking news alerts and twice-weekly digests delivered to your inbox.

We do not share your e-mail address with third parties; you can unsubscribe at any time.

T-Mobile
Photo of author

About the Author:

Matthew Keys

Matthew Keys is the award-winning founder and editor of TheDesk.net, an authoritative voice on broadcast and streaming TV, media and tech. With over ten years of experience, he's a recognized expert in broadcast, streaming, and digital media, with work featured in publications such as StreamTV Insider and Digital Content Next, and past roles at Thomson Reuters and Disney-ABC Television Group.
TheDesk.net is free to read — please help keep it that way.

We rely on advertising revenue to support our original journalism and analysis.
Please disable your ad-blocking technology to continue enjoying our content.

Learn how to disable your ad blocker on: Chrome | Firefox | Safari | Microsoft Edge | Opera | AdBlock plugin

Alternatively, add us as a preferred source on Google to unlock access to this website.

If you think this is an error, please contact us.