Personal data, including social security numbers, of more than 40 million former and prospective customers who applied for T-Mobile credit were exposed in a data breach, the company said Tuesday.
The big picture: About 7.8 million current T-Mobile postpaid customers were also affected. Some of the data accessed included names, date of birth, SSN, and driver’s license/ID information.
- “Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers,” the company said.
- The breach, however, did expose, the names, phone numbers and account PINs of approximately 850,000 active T-Mobile prepaid customers, the company confirmed. Those PINs have been reset, T-Mobile said.
- "The company didn’t disclose the extent to which the various victim groups overlapped," the Wall Street Journal noted.
- The announcement comes just days after T-Mobile said it was investigating a breach after someone in an online forum offered to sell customer information, per the Journal.
What they're saying: "We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack," T-Mobile said, adding that its investigation was ongoing.
- The company said it would immediately offer two years of free identity protection services.