T-Mobile Says Over 40 Million Customer Records Affected in Hack

T-Mobile US Inc. said an investigation confirmed about 7.8 million current users had information stolen along with more than 40 million records from past or prospective customers who’d applied for credit in a cyberattack.

The stolen information included customers’ full names, dates of birth, social security numbers, and IDs such as drivers licenses, the Bellevue, Washington-based company said in a statement on Wednesday. The hack doesn’t appear to have included credit card details or other financial information, it said.

The company said earlier this week that it was investigating claims that a widescale data breach had exposed customer details to hackers who were selling information online. The company is offering people affected by the attack two years of identity protection services and boosting security protocols on accounts that make it more difficult for fraudsters to take control.

Read More: Binance Hires U.S. Cybercrime Expert for Money Laundering Role

Hackers gained access to a smaller number of prepaid accounts in an incident in 2019, which included names, billing addresses, phone numbers and account details. T-Mobile said at the time that it affected less than 1.5% of its customers and was quickly shut down.

T-Mobile’s shares were little changed in New York trading on Tuesday. The stock has gained 4.3% this year.

To contact the reporter on this story:
Amy Thomson in London at athomson6@bloomberg.net

To contact the editors responsible for this story:
Giles Turner at gturner35@bloomberg.net

Nate Lanxon

© 2021 Bloomberg L.P. All rights reserved. Used with permission.