US wireless carrier T-Mobile said on Thursday that an unidentified malicious intruder breached its network in late November and stole the data of 37 million customers, including addresses, phone number and date of birth.
Michael Dwyer/AP
hide captions
switch captions
Michael Dwyer/AP
US wireless carrier T-Mobile said on Thursday that an unidentified malicious intruder breached its network in late November and stole the data of 37 million customers, including addresses, phone number and date of birth.
Michael Dwyer/AP
BOSTON — U.S. wireless carrier T-Mobile said on Thursday that an unidentified malicious intruder breached its network in late November and stole the data of 37 million customers. , including your address, phone number, and date of birth.
T-Mobile said in a filing with the U.S. Securities and Exchange Commission that the breach was discovered on January 5. It said the data was stolen — based on its investigation for to date — do not include passwords or PINs, bank account or credit card information, Social Security numbers or other government IDs.
“Our investigation is still ongoing, but malicious activity appears to have been completely contained at this time,” said T-Mobile, with no evidence that an intruder was able to compromise. corporate cybercrime. It indicates the data was first accessed on or around November 25.
T-Mobile said it has notified federal and law enforcement agencies, which it did not name. It did not immediately respond to an e-mail search comment.
The company has been attacked several times in recent years. In its filing, T-Mobile said it does not expect the latest breach to have a material impact on its operations. However, a senior analyst at Moody’s Investor Services, Neil Mack, said in a statement that the breach raises questions about management’s network governance and could alienate customers. and attract scrutiny from the Federal Communications Commission and other regulatory agencies.
“While these cybersecurity breaches may not be systemic in nature, their frequency at T-Mobile is an alarming outlier compared to telecommunications companies,” Mack said. same sector”.
In July, T-Mobile agreed to pay $350 million to customers who filed a class-action lawsuit after the company disclosed in August 2021 that personal data including Social Security numbers and driver’s license information has been stolen. Nearly 80 million US residents are affected.
At the time, it also said it would spend $150 million through 2023 to bolster data security and other technologies.
Prior to the August 2021 breach, the company disclosed breaches in January 2021, November 2019 and August 2018 in which customer information was accessed.
T-Mobile, headquartered in Bellevue, Washington, became one of the country’s largest cell phone service providers in 2020 after buying rival Sprint. It reported having more than 102 million customers after the merger.
