The company provided more details on what occurred in a notification to its customers, saying:
“Our Cybersecurity team recently identified and shut down a malicious attack against our email vendor that led to unauthorized access to certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees. An investigation was immediately commenced, with assistance from leading cybersecurity forensics experts, to determine what happened and what information was affected. We immediately reported this matter to federal law enforcement and are actively cooperating in their investigation.”
T-Mobile is currently sending out SMS notifications to all impacted users, though customers who had just their account data and those who had their financial data exposed are receiving different notifications.
Exposed data
The hackers behind the security breach may have accessed data on T-Mobile employees and some of its customers.
According to the company, names, addresses, phone numbers, account numbers, rate plans and features and billing information may have been obtained by hackers. However, the Social Security numbers, financial account information and government identification numbers of some users were exposed while for others, this data was not exposed.
T-Mobile has not yet said how many users were impacted by the security breach but it has recommended that customers change the personal identification number for their T-Mobile accounts.
This is the second time the US telecom has disclosed a security breach in the past six months. Back in November of last year, T-Mobile disclosed a similar security breach in which a malicious actor was able to obtain the personal data of over a million of its customers.