T-Mobile

T-Mobile USA announced a security breach late last night. The company says its cyber-security team discovered and shut down unauthorized access to its customers' data on Monday, August 20.

The telco says an attacker was exfiltrating personal data such as customer names, billing ZIP codes, phone numbers, email addresses, account numbers, and account types (prepaid or postpaid).

T-Mobile said the hacker (or hackers) did not gain access to passwords, social security numbers, or any financial information.

Impacted customers will receive an SMS, letter in the mail, or a phone call to notify them. The US telco says it informed law enforcement authorities about the breach.

Less than 3% T-Mobile customers impacted

A T-Mobile spokesperson told Motherboard that less than 3% of its customerbase was affected. T-Mobile reported 75.62 million customers at the end of Q2 2018. That would put the breach at around 3.9 million customers, still a considerable number.

As some T-Mobile users have pointed out, even if the hackers did not get their hands on any financial data or passwords, the breach makes it easier for the attacker to port  (SIM swap) numbers.

The telco company is redirecting all worried customers to its customer care service available via phone call, its official website, or Apple iMessage and Business Chat.

"We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access. We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you," T-Mobile said.

Related Articles:

California Voter Database Compromised in MongoDB Incident

Reddit Announces Security Breach After Hackers Bypassed Staff's 2FA

British Airways Loses Customer Payment Card Data in Breach

Cracked Logins of 570,000 Mortal Online Players Sold On Forums

Data of 130 Million Chinese Hotel Chain Guests Sold on Dark Web Forum