IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hackers breach T-Mobile customer records

The breach, which affects around 200,000 customers, contains data types the FCC considers "highly sensitive"

Customers line up outside a T-Mobile store

T-Mobile has suffered a data breach affecting information government agencies consider highly sensitive. The breach is the company's fourth since 2018.

The breach affected about 200,000 customers, according to reports, and T-Mobile said the breach impacted a range of information, including customer phone numbers, the number of lines subscribed on their account, and possibly call-related information collected as part of their cellular service.

It didn't affect personally identifiable information, such as names, addresses, email addresses, financial data, social security numbers, or PINs.

The information affected still represents a serious risk. The leaked data is known as customer proprietary network information (CPNI), and the Federal Communications Commission (FCC) considers it "some of the most sensitive information that carriers and providers have about their customers." CPNI includes the phone numbers the customer called, when they made the calls, and how long the calls were. This is otherwise known as call metadata, and intelligence agencies have long sought it for surveillance purposes.

"Our Cybersecurity team recently discovered and shut down malicious, unauthorized access to some information related to your T-Mobile account," T-Mobile said in the statement on its website.

"We immediately started an investigation, with assistance from leading cybersecurity forensics experts, to determine what happened and what information was involved. We also immediately reported this matter to federal law enforcement and are now in the process of notifying impacted customers."

This isn't the first data breach T-Mobile has suffered. In 2018, the company warned users someone had unauthorized access to information, including their phone number, email address, account number, and date of birth. 

In November 2019, T-Mobile admitted a systems breach had affected over 1 million customers. That heist targeted information related to prepaid wireless accounts and included names, addresses, phone numbers, and other CPNI data. In March 2020, the company also notified customers that the breach might have compromised their personal and financial information.

In April 2020, T-Mobile US completed its $26 billion merger with US carrier Sprint Corporation to build a nationwide 5G network.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

What is zero trust?
network security

What is zero trust?

14 Jul 2022
An analysis of the European cyber threat landscape
Whitepaper

An analysis of the European cyber threat landscape

8 Jul 2022
Protecting healthcare from cybercrime
Whitepaper

Protecting healthcare from cybercrime

25 May 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022