T-Mobile disclosed a data breach that exposed the account information of customers and employees.
The attack was conducted against their email vendor resulting in unauthorized access to certain T-Mobile employee email accounts.
A “NOTICE OF DATA BREACH” is posted on the T-Mobile website in which they state that it has been the target of a malicious attack impacting customer information.
T-Mobile cybersecurity team was able to identify and shut down the attack however the attackers managed to gain access to some customer and employee information.
The compromised information includes customer names and addresses, phone numbers, account numbers, rate plans, and features, and billing information. They have specifically stated that financial information including credit card information and Social Security number were not compromised by the attack.
With the aid of cybersecurity forensics experts, the attack is currently under investigation and has already been reported to federal law enforcement.
They also state that they do not have evidence on whether the stolen information has been used in fraud or otherwise misused.
Details on this attack including the number of customers affected are not provided yet.
To inform its customers of the data breach, T-Mobile is currently sending out SMS messages containing a link to a page that provides more information on the matter. They stated in the text message that financial information and SSN were not affected by the attack.
T-Mobile urges customers to review their account information and update the personal identification number (PIN/passcode) on their account.
Customers can dial 611 from their T-Mobile phone or 1-800-937-8997 from any phone for further assistance regarding their account security.