47 million victims in T-Mobile data breach

T-Mobile has confirmed that about 47.8 million current, former and prospective customers have been affected by the cyberattack on its systems.

Of that number, about 7.8 million are current T-Mobile postpaid accounts and the rest are prior or potential users who had applied for credit, the company said in a press release

The carrier said its compromised data includes some personal information including the first and last names, date of birth, SSN, and driver’s license/ID information for a “subset of customers.”

The company said it does not yet have any indication that the stolen files contain phone numbers, account numbers, passwords or financial information.

“Our preliminary analysis is that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile,” the carrier said. “Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.”

It was first reported that a member of an underground forum who claimed to have obtained the data for over 100 million T-Mobile customers was selling information of about 30 million of them for about $270,000 in Bitcoin.

As part of its response effort, T-Mobile is offering affected customers two years of McAfee’s ID Theft Protection Service; recommending all postpaid users change their PIN; and setting up an online resource page.

T-Mobile said that on Tuesday it began coordination with law enforcement on its investigation into the data breach, which is the third such attack the company has suffered in two years.

%d bloggers like this: