On Monday, T-Mobile reported a security breach, which marks the company’s ninth such incident since 2018 and its second network intrusion this year.
The hack resulted in the exposure of customer data, including account PINs.
Between February 24 and March 30 of this year, the second-largest wireless carrier in the nation, T-Mobile, experienced its latest data breach. The intrusion, caused by hacking, was discovered on March 27.
The breach resulted in the theft of the personal information of 836 individuals, including their names, driver’s licenses or identification card numbers, and possibly their account PIN, Social Security number, date of birth, balance due, and phone plan details.
However, financial account information and call records remained secure and were not compromised.
In a statement to CNET, T-Mobile said that it “notified a small number of customers that our systems and processes worked to detect and stop a bad actor who was accessing accounts using compromised credentials.“
The stolen data included personal information such as names, billing addresses, email addresses, phone numbers, dates of birth, T-Mobile account numbers, and details about the number of lines on accounts and plan features.
T-Mobile has taken several steps in response to the recent data breach, including resetting the PINs of impacted customers and providing them with two years of free credit monitoring and identity theft protection services.
However, it’s not clear if the company has contacted law enforcement or hired a third-party forensics firm to investigate the incident, as these actions are typically taken in such situations.
T-Mobile may have already engaged a third-party firm for previous investigations and may have included this recent breach in its ongoing efforts.
According to TechCrunch, the recent breach is the second time T-Mobile has been hacked this year and marks the company’s ninth data breach since 2018.
The first breach occurred in January and was due to “bad actors” exploiting the company’s application programming, which led to the theft of data belonging to 37 million customers.
T-Mobile only discovered the breach on January 5, even though it had started on November 25, 2022.