Hackers help themselves to data belonging to 2 million T-Mobile customers

The "international" threat actors managed to capture a set of customer data before being shut down.
Written by Charlie Osborne, Contributing Writer

T-Mobile has reported a security incident which may have led to the exposure of personal data belonging to approximately two million customers.

In a statement, the telecommunications giant said on Thursday that a recent "incident" may have given a cyberattacker brief access to customer records.

On August 20, T-Mobile staff detected an unauthorized entry into the company's network. While the intrusion was rapidly shut down, customer names, billing ZIP codes, phone numbers, email addresses, account numbers, and account types are believed to be involved in the data breach.

"Our cyber-security team discovered and shut down an unauthorized access to certain information, including yours, and we promptly reported it to authorities," T-Mobile says. "None of your financial data (including credit card information) or social security numbers were involved, and no passwords were compromised."

Speaking to Motherboard, a T-Mobile spokesperson said the cybersecurity incident affected roughly 3 percent of its 77 million customers, or approximately 2 - 2.5 million customers.

TechRepublic: A data breach may be more expensive than you think, thanks to these hidden costs

According to the spokesperson, the incident occurred after hackers compromised company servers through an API, although no further technical details have been disclosed.

The company has also not revealed any thoughts behind who may be behind the intrusion, beyond the belief that the threat actors were "international."

T-Mobile says that all affected customers have, or soon will be, notified.

"We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access," the company added. "We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you."

CNET: Possible data breach at Orbitz affects 880,000 payment cards

This is not the first time this year that T-Mobile's cybersecurity practices have come under scrutiny.

In May, researchers uncovered a bug in T-Mobile's website which allowed anyone to access the personal data of customers using only a phone number.

The exploit existed in a subdomain used by company staff members to access internal tools. This subdomain was easy to find via search engines, and once a phone number was tagged onto the end of the web address, the platform would reveal customer information -- including their full name, physical address, billing account numbers, and account records.

See also: Mexicans served with Dark Tequila in spyware spree

A basic guide to diving in to the dark web

Previous and related coverage

Editorial standards