(Eagle News) — T-Mobile announced Wednesday that hackers attacked the U.S. wireless company, stealing personal information of more than 40 million current and past customers.
“The stolen date included social security and driver’s license numbers, which could be used for theft,” the company said in a release.
The records of an estimated 7.8 million current T-Mobile postpaid customer and just over 40 million former or prospective customers, who had previously applied for credit with the company, were stolen in the cyberattack.
In addition, about 850,000 active prepaid customer names, phone numbers and account PINs were also exposed.
According to T-Mobile, passwords and other financial information, such as credit card information and other payment information, were not included in the hack.
The company said it is taking steps to help protect those who are at risk from the attack and is offering two years of free identity protection services. It also recommends customers to change their PIN and avail of the Account Takeover Protection feature offered to postpaid customers.
The breach was first reported by the Vice website Motherboard, which quoted a seller claiming to offer “full customer info” of T-Mobile users.
Based on screenshots posted by the security website Bleeping Computer, personal data from at least 30 million people were offered for sale on dark web forums for the equivalent of $280,000 in bitcoin.
This is the latest attack of a wave of data breaches affecting a variety of companies and organizations including a US pipeline operator, Ireland’s health IT system and a major airline in India.
(Eagle News Service)