A couple of days ago, it was reported that mobile communication giant T-Mobile U.S. was investigating a matter that involved a massive breach of data related to its customer information. At the time, the company stated that it didn't have "any additional information to share". Now, T-Mobile has completed the preliminary investigation surrounding the attack, and today the company has shared more details regarding what it has found.
According to its findings, information of close to 50 million accounts, including those of former or prospective customers, has been confirmed to be stolen by the hacker. Here's what T-Mobile has said (not quoted in order) regarding its postpay customers:
Our preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile.
Some of the data accessed did include customers’ first and last names, date of birth, SSN, and driver’s license/ID information for a subset of current and former postpay customers and prospective T-Mobile customers.
Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.
For prepay customers, T-Mobile says:
At this time, we have also been able to confirm approximately 850,000 active T-Mobile prepaid customer names, phone numbers and account PINs were also exposed. We have already proactively reset ALL of the PINs on these accounts to help protect these customers, and we will be notifying accordingly right away. No Metro by T-Mobile, former Sprint prepaid, or Boost customers had their names or PINs exposed.
In the original report, it was claimed that data of around 100 million users may have been exposed which means further investigation could perhaps reveal a wider extent of the attack.
As preventive measures to protect users who may be at risk of the hack, T-Mobile says it is taking the following steps:
Immediately offering 2 years of free identity protection services with McAfee’s ID Theft Protection Service.
Recommending all T-Mobile postpaid customers proactively change their PIN by going online into their T-Mobile account or calling our Customer Care team by dialing 611 on your phone. This precaution is despite the fact that we have no knowledge that any postpaid account PINs were compromised.
Offering an extra step to protect your mobile account with our Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.
Publishing a unique web page later on Wednesday for one stop information and solutions to help customers take steps to further protect themselves.
T-Mobile says it will continue the investigation and is currently working with law enforcement agencies on the matter. You can find more information in its press release here.