:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/62BRBJMVOZCQ7EIYEBRGLDSFTU.jpg)
T-Mobile reported a data breach on Thursday, stating that a “bad actor” had caused a data breach that affected 37 million customer accounts.
The data collection of names, birth dates and telephone numbers represented the second major breach in less than two years for the mobile service provider, The New York Times reported.
In a securities filing, T-Mobile said it first discovered the data was obtained on Jan. 5, according to the newspaper. With assistance from outside cybersecurity agents, the company stopped the leak the next day.
Breaking: T-Mobile said hackers stole data on about 37 million customers, including birth dates and billing addresses, the second major security breach at the company https://t.co/vjqfIflFa1
— The Wall Street Journal (@WSJ) January 19, 2023
The company added that financial information was not compromised, CNBC reported. The company said that Social Security numbers, credit card information, government identification numbers, passwords and PIN numbers were not affected by the breach, according to CNN.
“We understand that an incident like this has an impact on our customers and regret that this occurred,” T-Mobile said in a statement obtained by the Times.
T-Mobile said it was continuing to investigate the breach and had contacted federal authorities.
T-Mobile has more than 110 million customers, according to The Wall Street Journal.
The Federal Communications Commission said it had opened an investigation.
“This incident is the latest in a string of data breaches at the company, and the FCC is investigating,” an FCC spokesperson told the newspaper.
The company said it believed that the hacker first began retrieving data on Nov. 25 through an application programming interface, the Times reported.
T-Mobile added that it began a “substantial, multiyear investment” in 2021 to improve its cybersecurity capabilities and protections, CNN reported.
Those measures were put in place after a cyberattack in 2021 exposed data from nearly 77 million T-Mobile customer accounts, the Times reported. A 21-year-old American living in Turkey claimed credit for the breach, adding that T-Mobile’s security practices made it easy to steal the data, The Wall Street Journal reported.
T-Mobile agreed to $350 million to settle customer claims and to spend $150 million to enhance its cybersecurity practices and technologies, according to the newspaper.
©2022 Cox Media Group
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/SBOVJLPSO5GYFBWXZUZX6D7IMA.jpeg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/7UNN3ORZJNBHBIZBVSTDVULV3Y.jpeg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/VG4ZUCS7QJHIDDM4MJPILGXDXE.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/G7GT3ELJ7JFKNMVGJVBUUOTNGU.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/BWAG42EMMNDIHKNOJAK5BB3GVU.jpg)