The wireless carrier confirmed the breach Friday, just days after it reportedly went down. As reported by Motherboard, the hackers briefly gained access to personal information on about 3 percent (2 million) of T-Mobile’s customers. The company reassured the public that passwords, credit card numbers, and social security numbers were not compromised in the breach; however, the hackers did gain access to some billing information, such as names, email addresses, and account numbers.
Per T-Mobile’s website:
Our cyber-security team discovered and shut down an unauthorized access to certain information, including yours, and we promptly reported it to authorities. None of your financial data (including credit card information) or social security numbers were involved, and no passwords were compromised. However, you should know that some of your personal information may have been exposed, which may have included one or more of the following: name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid).
A spokesperson for T-Mobile couldn’t provide many details about the cyber attack, but confirmed “an international group” carried it out. The spokesperson also said its cyber security team detected the intrusion shortly after it occurred: “We found it quickly and shut it down very fast.”
On Friday morning, T-Mobile began notifying affected customers via text message. If you’re a customer who did not receive a notification, it’s safe to assume your data was not compromised.