T-Mobile US was hit with another cyberattack which it warned could have exposed names, contact information, account numbers, phone numbers and other personal data related to 836 mobile customers.

In a letter to impacted customers on 28 April, T-Mobile warned hackers may also have accessed account PINs, social security numbers, government IDs, dates of birth, balances, internal codes used by the operator and the number of lines a customer has.

T-Mobile stated it reset PINs.

It is also offering two free years of credit monitoring and identity theft detection services for subscribers who sign-up by end-August.

Bleeping Computer revealed the breach on 1 May, with details published by the attorney general of Maine the same day revealing the breach began on 24 February, was discovered on 27 March and ended on 30 March.

The Verge reported the latest incident was the operator’s ninth since 2018.

In January, T-Mobile revealed it was investigating a cyberattack which compromised the personal data of 37 million customers.

The operator agreed to pay $350 million in 2022 to settle a lawsuit related to a breach involving more than 100 million customers.