T-Mobile has mentioned on their website that they discovered malicious, unauthorized access to some information related to their customer’s T-Mobile account. They added that the data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs.
Here is the verbatim from their website about the security incident :
“We are reaching out to let you know about a security incident we recently identified and quickly shut down that may have impacted some of your T-Mobile account information. The data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs.
What Happened?
Our Cybersecurity team recently discovered and shut down malicious, unauthorized access to some information related to your T-Mobile account. We immediately started an investigation, with assistance from leading cybersecurity forensics experts, to determine what happened and what information was involved. We also immediately reported this matter to federal law enforcement and are now in the process of notifying impacted customers.
What Information Was Involved?
Customer proprietary network information (CPNI) as defined by the Federal Communications Commission (FCC) rules was accessed. The CPNI accessed may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service. As stated above, the data accessed did not include names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs.”
Source: https://www.t-mobile.com/responsibility/consumer-info/security-incident