The details of an estimated 2.3 million customers of T-Mobile US and its MetroPCS subsidiary were exposed in a hack attack discovered by the operator earlier this week.

In a statement to subscribers, T-Mobile said personal information including users’ name, billing area code, phone number, email address, account number and type of subscription (either prepaid or post paid) were exposed in the attack. The operator added its cybersecurity team had shut down the exploit after discovering it on 20 August.

“None of your financial data (including credit card information) or social security numbers were involved and no passwords were compromised” the operator said.

While T-Mobile did not detail how many customers were affected, a representative told news site Motherboard up to 3 per cent of its total user base was involved. Based on GSMA Intelligence forecasts the operator’s connections will hit 77 million in the current quarter, this means around 2.3 million users could be involved.

“We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorised access,” the operator stated.

Motherboard reported the T-Mobile representative said the exploit was dealt with on the same day it began.

Details of the attack were revealed a matter of days after T-Mobile announced a new approach to customer service designed to differentiate it from US rivals.