As part of its ongoing data breach investigation, T-Mobile has confirmed that important data has been breached. Rough estimates 47 million current and former customers have been affected by the cyberattack, T-mobile confirmed on Wednesday. About 8 million are current T-Mobile postpaid accounts and the rest are potential users who had applied for subscriptions, the company added in a press release.
Worryingly, the data includes personal information including the first and last names, date of birth, SSN, and driver’s license/ID information. So far, T-Mobile said it does not have any indication that the stolen files contain phone numbers, account numbers, passwords, or financial information.
The company said about 850,000 active T-Mobile prepaid customers also had their names, phone numbers, and account PINs exposed. The affected users do not include Metro by T-Mobile, former Sprint prepaid, or Boost users and T-Mobile said it has reset the PINs on these accounts. In addition “some additional information” from inactive prepaid accounts was accessed through prepaid billing files.
The findings from the T-Mobile preliminary analysis come just days after it was notified of a data breach. Initially, it was reported that a member of an underground forum claimed to have obtained the data for over 100 million T-Mobile customers. The culprit was reportedly selling information online of about 30 million T-Mobile customers for about $270,000 in Bitcoin.
As part of its compensation and mitigation efforts, T-Mobile is offering affected customers two years of McAfee’s ID Theft Protection Service; recommending all postpaid users change their PIN; and setting up an online resource page. T-Mobile said that it began coordination with law enforcement on Tuesday as its investigation into the data breach — the third such attack it has suffered in the past two years — continues.