T-Mobile says hackers stole personal info of more than 40M people
The cyberattack that breached T-Mobile’s computer network pulled personal data, including Social Security numbers and driver’s license information, on more than 40 million people, the cellphone carrier said.
The stolen data included first and last names, birth dates, Social Security numbers and driver’s license and ID information “for a subset of current and former postpay customers and prospective T-Mobile customers,” the company said in a statement Wednesday.
T-Mobile said it’s still investigating the impact of the data breach, but “preliminary analysis” indicates that almost 8 million current T-Mobile subscribers with postpaid plans are affected.
The data of another 40 million people who applied for credit with T-Mobile — regardless of whether they ever actually did business with the carrier — has also been compromised, the company said.
“Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers,” the company said.
T-Mobile said it will notify affected people shortly, and that it’s offering two years of free identity protection services with McAfee’s ID Theft Protection Service.
The company’s also recommending that all T-Mobile postpaid customers proactively change their PIN.
The company added that the breach also exposed the names, phone numbers and account PINs of about 850,000 current customers on prepaid plans.
“We have already proactively reset ALL of the PINs on these accounts to help protect these customers, and we will be notifying accordingly right away,” the company said of those roughly 850,000 current customers.
T-Mobile noted that users of its Metro by T-Mobile, former Sprint prepaid and Boost Mobile brands weren’t part of that affected group.
The company said it will set up a unique web page later Wednesday to provide information and solutions for affected users.
Additional reporting by Alexandra Steigrad