T-Mobile has suffered yet another data breach, with hundreds of account holders exposing their personal information during an attack between late February and March 2023.
The company has revealed that the hacker was able to access a variety of sensitive information, including full names, dates of birth, addresses, contact details, government IDs, social security numbers, and T-Mobile account pins. Notification letters were sent to affected customers on April 28th.
The telecommunications giant has not provided any details on how the hacker infiltrated its systems.
However, a data breach notification on the Maine attorney general’s office website stated that 836 customers were affected before T-Mobile discovered the breach on March 27th.
T-Mobile has confirmed that the recent data breach did not result in personal financial information or call records exposure. The company has taken proactive measures to reset the account pins of all affected users, which are used for identity verification when making account changes. T-Mobile has also offered free credit monitoring and identity theft detection services for two years to impacted customers.
In a letter sent to customers affected by the breach, T-Mobile acknowledged the need to improve its security protocols to prevent unauthorized access by bad actors. The company emphasized that it takes these incidents seriously and apologized for any inconvenience caused, stating that it is committed to enhancing the security of customer information.
T-Mobile has now reported a total of nine data breaches since 2018, with the most recent being the second this year. The company disclosed that between November 2022 and January 2023, data from 37 million accounts was leaked in a breach.
While the number of users affected in the latest incident is lower, the sensitive information accessed could be used for identity theft. T-Mobile also reported data breaches in January, August, and December 2021.