T-Mobile data breach affects more than a million users

Customers line up outside a T-Mobile store

T-Mobile confirmed over the weekend that data belonging to over one million of its customers has been exposed following a system breach.

Personal information was accessed including names, billing addresses, phone numbers, account numbers, rate plan and features. Financial data such as credit card numbers, social security numbers and passwords are believed to be unaffected.

The company said all affected individuals have been, or will shortly be, notified, adding that customers should check they have up-to-date contact details on their account in the event the company needs to reach them.

T-Mobile confirmed to TechCrunch that less than 1.5% of its customers were affected, amounting to more than one million of the 75 million customers the company currently services.

"T-Mobile, like any other corporation, is unfortunately not immune to this type of criminal attack. Because of that, we are always working to improve security so we can stay ahead of malicious activity and protect our customers," said the company in a fairly brief disclosure notice.

"We have a number of safeguards in place to protect your personal information from unauthorised access, use, or disclosure," it added.

T-Mobile hasn't disclosed how the breach took place, whether data was stolen or how long the data was exposed for, but it did say it was fixed "promptly" after it took place in early November and that the relevant authorities have since been alerted.

The data accessed isn't inherently high-risk for the user given that passwords and financial information were not accessed, however if any data was taken, it's important that customers be on the look out for sophisticated phishing scams.

Connor Jones
News and Analysis Editor

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.