T-Mobile on Thursday announced it had been hit by a data breach that exposed sensitive information, including customer names and billing addresses, to an unidentified attacker or attackers.
Other information that was potentially exposed to hackers includes customer phone numbers and their rate plan and attached feature set. The carrier says no financial information, social security numbers or passwords were exposed in the attack.
The data accessed was information associated with your prepaid service account, including name and billing address (if you provided one when you established your account), phone number, account number, rate plan and features, such as whether you added an international calling feature. Rate plan and features of your voice calling service are “customer proprietary network information” (“CPNI”) under FCC rules, which require we provide you notice of this incident.
A T-Mobile spokesperson told CNET that a “very small single digit percentage of customers” were impacted by the incident.
The data breach comes a little over a year after a similar data branch at the carrier, which impacted approximately two million customers back in August 2018. That breach exposed customers’ names, billing zip codes, phone numbers, email addresses, account numbers and rate plans.
The data breach comes at an especially inopportune time for the Magenta Carrier, as it is on the verge of closing a $26.5 billion merger deal with Sprint, following final approval from the FCC earlier this month. The last remaining hump for the merger is a group of state attorneys general that have sued to prevent the merger.