T-Mobile today admitted that a recent "criminal hack" accessed personal data of some prepaid wireless customers' accounts.
From USA Today's Mike Snider:
The wireless provider's cybersecurity team discovered the breach recently and "shut down malicious, unauthorized access" to some prepaid accounts, T-Mobile said in a security notice posted on company's website.
T-Mobile says it notified law enforcement about the breach, which led to some exposure of personal information, including names and billing addresses, phone numbers, account numbers, and wireless plan information.
We want to let you know about an incident that we recently identified and quickly corrected that impacted some of your personal information.
Our Cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities. None of your financial data (including credit card information) or social security numbers was involved, and no passwords were compromised.
The data accessed was information associated with your prepaid service account, including name and billing address (if you provided one when you established your account), phone number, account number, rate plan and features, such as whether you added an international calling feature. Rate plan and features of your voice calling service are “customer proprietary network information” (“CPNI”) under FCC rules, which require we provide you notice of this incident.
We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access. We truly regret that this incident occurred and apologize for any inconvenience this has caused you.
T-Mobile: "We take the security of your information very seriously."
— Zack Whittaker (@zackwhittaker) November 22, 2019