T-Mobile admits over 40 MILLION customers are affected by ‘huge data breach’ that stole social security numbers
T-MOBILE has admitted that over 40 million of its customers have been hit by a data breach in the US.
The data breach was initially reported to include social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver's license information.
The breach is thought to have affected around 7.8 million current T-Mobile postpaid customer accounts and over 40 million former or prospective customer records.
T-Mobile was first alerted to the breach by a forum post from a hacker claiming to be selling huge amounts of personal data.
The post didn't mention T-Mobile specifically, but when contact by the seller claimed that the data had been lifted from T-Mobile Servers.
"T-Mobile USA. Full customer info," the seller told the outlet, claiming that the information of 100 million customers had been compromised.
The alleged sleuth was requesting six bitcoin - or roughly $260,000 - in exchange for a subset of the data which contains 30 million social security numbers and driver's licenses, VICE reported.
Most read in Phones & Gadgets
The seller suggested that T-Mobile had already responded to the breach, adding: "I think they already found out because we lost access to the backdoored servers."
While the hacker has been removed from the hacked server, they claim they had already downloaded the data locally.
"It's backed up in multiple places," they told Motherboard vertical.
In a recent statement, T-Mobile said it had been made aware of the hacker's claims and have been "actively investigating their validity."
"We do not have any additional information to share at this time," the company added, declining to comment about the scale of the hack.
However, the company has now admitted that the breach was a "highly sophisticated cyberattack" that affected over 40 million people.
It said it is "taking immediate steps to help protect all of the individuals who may be at risk from this cyberattack".
Personal information has been stolen but no financial information is said to have leaked.
In the UK, T-Mobile UK was renamed EE in 2012.
It's not thought that any UK customers have been affected.
No financial compensation has been offered, but T-Mobile is giving each affected customer a two-year subscription to McAfee's ID Theft Protection Service.
- Read all the latest Phones & Gadgets news
- Keep up-to-date on Apple stories
- Get the latest on Facebook, WhatsApp and Instagram
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered...
- How to get your deleted Instagram photos back
- How can I change my Facebook password?
- How can I do a duet on TikTok?
- Here's how to use your iPhone's Apple logo as a BUTTON
- How can I change my Amazon Alexa voice in seconds?
- What is dating app Bumble?
- How can I increase my Snapchat score?
- How can I test my broadband internet speed?
- Here's how to find your Sky TV remote in SECONDS
In other news, Twitter is having to make changes to its redesign of the app after users complained about headaches and migraines.
READ MORE SUN STORIES
Sexting warnings will be sent to parents of children who have an iPhone or iPad that is sending or receiving explicit images.
And, the next iPhone will come in a new pink colour and start at just under £800, according to recent rumours.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]