T-Mobile data breach exposes data of 37M customers

T-Mobile data breach overview: 

• Who: T-Mobile disclosed it was the victim of a data breach that exposed the private data of approximately 37 million customers. 
• Why: The T-Mobile data breach exposed private information such as names, email addresses and phone numbers, among other things. 
• Where: Consumers nationwide may be affected by the T-Mobile data breach. 

T-Mobile revealed in a filing with the U.S. Securities and Exchange Commission this week that it was the victim of a data breach that exposed the private data of approximately 37 million customers to a bad actor. 

The wireless carrier says it discovered the breach Jan. 5, at which time it, along with outside cybersecurity experts, “promptly commenced” an investigation that allowed them to stop the “malicious activity” within a day. 

“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” T-Mobile says in its filing. 

The company says it believes the T-Mobile data breach started on or around Nov. 25 of last year, according to the filing. 

T-Mobile says the breach did not expose any of its customers’ payment card information, Social Security numbers, drivers license numbers, government ID numbers, passwords/PINs or other financial account information. 

Data breach affected ‘limited set of customer account data,’ T-Mobile says 

T-Mobile says the incident affected a “limited set of customer account data,” including names, billing addresses, emails, phone numbers, birthdates and some account numbers and information. 

In addition to notifying certain federal agencies about the data breach, T-Mobile says it is working with law enforcement and has begun notifying potentially impacted customers “in accordance with applicable state and federal requirements.” 

The major wireless carrier says it has been working with “leading external cybersecurity experts” in order to “enhance” its “cybersecurity capabilities and transform our approach to cybersecurity.” 

“We have made substantial progress to date, and protecting our customers’ data remains a top priority,” T-Mobile says in its filing. 

T-Mobile says it believes the data breach may cause it to “incur significant expenses” and that, while it is “unable to predict the full impact,” it does not expect it to “have a material effect” on the company’s operations. 

Last September, the company agreed to pay $350 million as part of a class action settlement made to resolve claims revolving around a data breach announced in August 2021 that affected 76 million Americans. 

Have you been affected by the T-Mobile breach? Let us know in the comments. 

Read About More Class Action Lawsuits & Class Action Settlements:

• AMC class action claims streaming service shares viewer data with Facebook
• Class action lawsuit claims Twitter API defect allowed data breach
• Class action alleges Apple records users’ private data, activity
• Meta files lawsuit claiming AI company scrapes, sells Facebook users’ data