IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

T-Mobile confirms hackers accessed 47.8 million customer records

A preliminary assessment by the US operator found that the stolen data includes SSN and driver’s license information

T-Mobile has confirmed that the records of 47.8 million current, prospective, and former customers have been accessed by hackers, which represents nearly half of the 100 million records that were found for sale online earlier this week. 

The company’s preliminary analysis has shown that around 7.8 million current T-Mobile postpaid customer accounts’ information appears in the files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile.

“Some of the data accessed did include customers’ first and last names, date of birth, SSN, and driver’s license/ID information for a subset of current and former postpay customers and prospective T-Mobile customers,” the company confirmed. 

It said that, so far, there is “no indication” that the data contained in the stolen files included any customer financial information, credit card information, debit or other payment information. adding that around 850,000 active T-Mobile prepaid customer names, phone numbers, and account PINs were also exposed.

The company has proactively reset all of the PINs on these accounts and will start notifying customers accordingly “right away”.

T-Mobile revealed it is taking “immediate steps” to help protect all individuals who may be at risk from this "cyber attack". It is set to offer customers two years of free identity protection services with McAfee’s ID Theft Protection Service, and recommend its postpaid customers to change their PINs, despite the fact that it has “no knowledge” that any of these PINs were compromised.

Related Resource

From zero to hero: The path to CIAM maturity

Your guide to the CIAM journey

Whitepaper front coverDownload now

It will also offer “an extra step” to customers to protect their mobile accounts and also publish a unique web page later today for “one stop information and solutions” to help customers take steps to further protect themselves.

On 16 August, T-Mobile launched an investigation into a claim on an online forum that suggested the personal data from over 100 million users had been breached. The seller said that the data had come from T-Mobile servers and was asking for six Bitcoin, around $270,000, for a subset of the data containing around 30 million records. A day later, the company confirmed that there had been some “unauthorized access” to its data, but hadn’t determined if any personal customer data had been involved until today.

Featured Resources

IT best practices for accelerating the journey to carbon neutrality

Considerations and pragmatic solutions for IT executives driving sustainable IT

Free Download

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Free download

Using application migration and modernisation to supercharge business agility and resiliency

Modernisation can propel your digital transformation to the next generation

Free Download

The strategic CFO

Why finance transformation propels business value

Free Download


Rugged servers market to hit $945 million by 2032

Rugged servers market to hit $945 million by 2032

30 May 2022

Most Popular

The big PSTN switch off: What’s happening between now and 2025?

The big PSTN switch off: What’s happening between now and 2025?

13 Mar 2023
Why – and how – IP can be the hero in your digital transformation success story

Why – and how – IP can be the hero in your digital transformation success story

6 Mar 2023
What is GPT-4?
artificial intelligence (AI)

What is GPT-4?

15 Mar 2023