T-Mobile data breach could be much worse than previously thought

News
By published

An additional 5.3m T-Mobile customers are affected

Renovated Headquarters
(Image credit: T-Mobile)

The recent T-Mobile data breach in which a hacker claims to have stolen the personally identifiable information (PII) of roughly 100m of the mobile carrier's customers may actually be much worse as the company has revealed new details from its investigation into the matter.

Earlier this week, a hacker posted on an underground forum in an attempt to sell a pool of data on the company's customers which reportedly included their social security numbers (SSN), phone numbers, names, addresses, unique IMEI numbers and driver's license information.

Now though, T-Mobile has confirmed in a new post on its site that 7.8m of its current postpaid or on contract customers did have all of the data mentioned above stolen as a result of the breach. However, the hacker was also able to acquire their IMEI (International Mobile Equipment Identity) that is assigned to every mobile device as well as their IMSI (International Mobile Subscriber Identity) that is used to identify their SIM card.

While a cybercriminal could use the exposed personal information of affected T-Mobile customers to commit identity theft, their IMSI information could potentially be used in SIM swapping attacks where an attacker takes over a user's phone number to intercept two-factor authentication (2FA) codes as well as other data being sent to their smartphone.

T-Mobile data breach

T-Mobile also revealed that an additional 5.3m of its postpaid customers are affected by the breach though apparently their driver's licenses and social security numbers weren't exposed.

The accounts of 667k former T-Mobile customers were exposed as well though thankfully, former Sprint prepaid and Boost Mobile customers didn't have their information stolen during the breach. Unfortunately, the same can't be said for 52k Metro by T-Mobile customers who also had their information stolen.

Both T-Mobile and he FCC are currently investigating the data breach and so far, one class-action lawsuit has been filed against the mobile carrier.

Current T-Mobile customers who are concerned that their data may have been exposed can visit this page for more information on how to sign up for the company's Scam Shield which offers scam-blocking protection and other anti-scam features. The company is also offering a free two year subscription to McAfee's ID Theft Protection service to affected customers.

We'll likely hear more regarding the breach and how the hacker was able to penetrate T-Mobile's systems once the company and the FFC's investigation is complete.

Via The Verge

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Data Breach
US state sues T-Mobile over 2021 data breach which leaked data of millions
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
Security padlock and circuit board to protect data
Mexican fintech company Miio exposed millions of files of sensitive customer data
Illustration of a thief escaping with a white fingerprint
5 massive privacy scandals that rocked the world – and made millions of victims
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
Major breach hits employee screening firm - 3.3 million affected as hackers steal DISA data
Latest in Security
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Avast cybersecurity
UK cybersecurity sector could be worth £13bn, research shows
An option to add Ambient Music buttons to the iOS 18.4 Control Center.
Apple fixes dangerous zero-day used in attacks against iPhones and iPads
Trump
Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
Latest in News
Two Android phones on a green and blue background showing Google Messages
Struggling with slow Google Messages photo transfers? Google says new update will make 'noticeable difference'
Elayne, Egwene, and Nynaeve dressed regally and on horseback in The Wheel of Time season 3
'There's a reason why we do it': The Wheel of Time showrunner responds to fans who are still upset over the Prime Video show's plot alterations
Google Pixel 9
Android 16 could bring an improved Samsung DeX-style desktop mode to more phones
An Nvidia GeForce RTX 4060 Ti
Nvidia could unleash RTX 5060 and 5060 Ti GPUs on PC gamers tomorrow, but there’s no sign of rumored RTX 5050 yet
AI writing
ChatGPT just wrote the most beautiful short story, and I wonder what I'm even doing here
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
More about security
Google Chrome dark mode

Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Trump

Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam
MSI's four available motherboard sizes

Motherboard sizes explained: which should you buy in 2025?
See more latest
Most Popular
Apple products all showing different versions of the Apple Photos app
Apple Photos could actually win you over in iOS 18.4 – here are 4 improvements that are coming
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
JBL Charge 6
JBL's new Bluetooth speakers bring all the upgrades I most wanted to see, and they're coming soon
Two Android phones on a green and blue background showing Google Messages
Struggling with slow Google Messages photo transfers? Google says new update will make 'noticeable difference'
Windows 10 button on a keyboard
Microsoft’s Remote Desktop app becomes the Windows App
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Thursday, March 13 (game #375)
Trump
Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Thursday, March 13 (game #641)
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Quordle on a smartphone held in a hand
Quordle hints and answers for Thursday, March 13 (game #1144)