BELLEVUE, Wash. — T-Mobile said an investigation is underway after a data breach exposed the personal information of more than 47.8 million people.
The company said it learned of the breach through an online forum last week. T-Mobile said it immediately started to investigate the claims.
T-Mobile verified the claims Tuesday, according to the company’s website, and patched the issue they believe was used to access customers’ personal information.
T-Mobile said hackers were able to get the first and last names of millions of customers. They also have other personal information such as birth dates, social security numbers and driver’s license numbers. The company said it doesn’t believe that hackers accessed any credit card or other financial information belonging to customers.
To protect past and current customers impacted by the breach, T-Mobile is offering the following:
- 2 years of free identity protection services with McAfee’s ID Theft Protection Service.
- Recommending all T-Mobile customers change their PIN. This precaution is despite the fact that they have no knowledge that any postpaid account PINs were compromised.
- Offering an extra step to protect your mobile account with Account Takeover Protection capabilities.
T-Mobile said it also determined that the names, phone numbers and account PINs of about 850,000 prepaid customers were exposed. Impacted customers are being notified and T-Mobile changed the PINs on all of those accounts.
“We have been working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed,” T-Mobile posted on its website. “We take the protection of our customers very seriously and we are conducting an extensive analysis alongside digital forensic experts to understand the validity of these claims, and we are coordinating with law enforcement.”