T-Mobile yesterday announced it was “urgently investigating the highly sophisticated cyberattack” against its systems in a move to keep its customers and other stakeholders.
With a team of experts, T-Mobile says it located and immediately closed the access point that was reportedly used to illegally gain entry to its servers and has been able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals.
“While our investigation is still underway and we continue to learn additional details, we have now been able to confirm that the data stolen from our systems did include some personal information. We have no indication that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information,” said T-Mobile.
According to the firm, some of the data accessed did include customers’ first and last names, date of birth, SSN, and driver’s license/ID information for a subset of current and former postpay customers and prospective T-Mobile customers.
T-Mobile says its preliminary analysis shows that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile.
T-Mobile says no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.
To avoid future incidents like this, T-Mobile is immediately offering 2 years of free identity protection services with McAfee’s ID Theft Protection Service ,asking all its postpaid customers to change their PIN and offering an extra step to protect user mobile account with its Account Takeover Protection capabilities for postpaid customers, which makes it harder for customer accounts to be fraudulently ported out and stolen.
“At this time, we have also been able to confirm approximately 850,000 active T-Mobile prepaid customer names, phone numbers and account PINs were also exposed. We have already proactively reset ALL of the PINs on these accounts to help protect these customers, and we will be notifying accordingly right away. No Metro by T-Mobile, former Sprint prepaid, or Boost customers had their names or PINs exposed,” said the firm.
T-Mobile also confirmed that though there was some additional information from inactive prepaid accounts accessed through prepaid billing files but no customer financial information, credit card information, debit or other payment information or SSN was in this inactive file.