BALTIMORE, MD—T-Mobile reported on Thursday that approximately 37 million customers’ account information had been accessed in a data breach.
The company says a hacker used a single Application Programming Interface (or API) to obtain limited types of information on customers’ accounts.
“As soon as our teams identified the issue, we shut it down within 24 hours,” T-Mobile said in a press release. “Our systems and policies prevented the most sensitive types of customer information from being accessed, and as a result, customer accounts and finances should not be put at risk directly by this event. There is also no evidence that the bad actor breached or compromised T-Mobile’s network or systems.”
The company adds that no passwords, payment card information, social security numbers, government ID numbers, or other financial account information were compromised. Some basic customer information was obtained, including name, billing address, email, phone number, date of birth, account number, and information such as the number of lines on the account and service plan features.
T-Mobile has begun notifying impacted customers. The company currently has over 110 million subscribers.
Photo via Pixabay