Props: Credit to T-Mobile for its promptness in reporting the breach. Where many companies drag their heels and wait months to share news of unauthorized access, T-Mobile let its customers know within just a few days.
T-Mobile has revealed it recently discovered that an unauthorized party had accessed some customers’ personal data.
A spokesperson speaking to Motherboard said the breach affected “about” or “slightly less than” three percent of its 77 million customers. Doing some quick math, three percent of 77 million is 2.31 million.
T-Mobile said in a release that it discovered the intrusion on August 20 and promptly shut it down. While no financial data or social security numbers were stolen, other information including names, e-mail addresses, phone numbers, billing ZIP codes, account numbers and account type (prepaid or postpaid) may have been exposed.
The spokesperson told Motherboard that hackers from an international group accessed company servers using an API.
T-Mobile said it has notified all affected customers, or will do so shortly. If you haven’t received a notice (or don’t receive one soon), it means your account was not impacted and you have nothing to worry about. Those with additional concerns are encouraged to contact customer care by dialing 611, using two-way messaging in the T-Mobile app, online at MyT-Mobile.com or via iMessage through Apple Business Chat.