T-Mobile US data attack hits 37M users - Mobile World Live

T-Mobile US data attack hits 37M users

20 JAN 2023

T-Mobile US announced it was investigating a cyberattack which compromised the personal data of 37 million customers, warning it could be on the hook for significant expenses as a result.

In a filing with the Securities and Exchange Commission (SEC), T-Mobile stated it identified malicious activity on its systems on 5 January and it believed the attack began on or around 25 November 2022.

The hacker was able to collect customer data by accessing an API without authorisation, the company said.

T-Mobile claimed it stopped the cyberattack within 24 hours of identifying the incident, stating no sensitive data relating to financial information, social security numbers, government identification or payment cards had been compromised.

Data obtained by the hacker includes user’s names, billing addresses, email, phone numbers, date of birth, T-Mobile account number, and information related to service and plan bundles.

In 2022 T-Mobile agreed to pay $350 million to settle a lawsuit related to a breach in 2021 involving more than 100 million customers.

With the company facing another high-profile attack, T-Mobile said it may incur significant expenses, but added it did not currently expect the latest breach would have a material effect on its operations.



Hana Anandira

Prior to joining GSMA, Hana worked in the world of publishing as an editor and contributor for three years, covering a wide range of interests that span from culture and politics to architecture. She has written for Jakarta- and London-based...

Read more