T-Mobile Data Breach Exposed Personal Data of 37 Million Customers

This post may contain affiliate links which may compensate us based on your interaction. Please read the disclosures for more information.

Image source: Getty Images
T-Mobile announced that a bad actor obtained personal data on approximately 37 million of its postpaid and prepaid customers in a recent SEC filing. The cybercriminal first retrieved data starting on or around Nov. 25, 2022. T-Mobile identified the data breach on Jan. 5, 2023. Stolen customer data includes:NamesBilling addressesEmail addressesDates of birthT-Mobile account numbersPlan information, such as number of lines on accounts and plan featuresMany of the exposed accounts didn’t include full data sets. The data breach also didn’t include any payment card information, Social Security numbers, tax IDs, passwords, or financial account information.T-Mobile said in its filing that “Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time.” It has started notifying customers whose information may be compromised. It’s also working with federal agencies and law enforcement.So whatWith the amount of information companies have on us, data breaches are an ever-present concern for consumers. They also happen alarmingly often. There were 1,862 data breaches in 2021, a five-year high, according to recent identity theft statistics.This latest data breach continues a troubling pattern for T-Mobile. The wireless carrier has now been hacked five times since 2018.Fortunately, the leak didn’t include the most sensitive customer data, like Social Security numbers or credit card numbers. But customers whose information was leaked could receive spam or be the target of scammers.Now whatIf you’re a T-Mobile customer, be on the lookout for scams, like phishing attempts. That’s when a scammer contacts you and pretends to be a legitimate organization to get personal information. Since email addresses and account numbers were part of the data breach, it’s possible that scammers use email and text message phishing to try and steal more of your data.Keep an eye on your credit, as well. It’s unlikely that someone would be able to open a credit account in your name after this T-Mobile data breach. They’d generally need your Social Security number for that. Still, it’s smart to be vigilant, just in case. Several credit card companies offer free identity protection you can use to monitor your credit. In addition, you can get free weekly credit reports for all of 2023.If you want even more protection, there are two things you can set up with the credit bureaus to help prevent identity theft:A credit alert requires creditors to perform additional identity verification, such as calling you at a phone number you provide, before opening an account in your name.A credit freeze prevents anyone from pulling your credit, which stops creditors from opening an account for you. If you want to open a new account, you can unfreeze your credit.It’s up to you how cautious you want to be. The information that was leaked probably isn’t enough for identity theft. Monitoring your credit and watching out for scams should be enough to keep your identity and your finances safe.Alert: highest cash back card we’ve seen now has 0% intro APR until 2024If you’re using the wrong credit or debit card, it could be costing you serious money. Our expert loves this top pick, which features a 0% intro APR until 2024, an insane cash back rate of up to 5%, and all somehow for no annual fee. In fact, this card is so good that our expert even uses it personally. Click here to read our full review for free and apply in just 2 minutes. Read our free reviewWe’re firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers.
The Ascent does not cover all offers on the market. Editorial content from The Ascent is separate from The Motley Fool editorial content and is created by a different analyst team.Lyle Daly has no position in any of the stocks mentioned. The Motley Fool recommends T-Mobile US. The Motley Fool has a disclosure policy. 

T-Mobile announced that a bad actor obtained personal data on approximately 37 million of its postpaid and prepaid customers in a recent SEC filing. The cybercriminal first retrieved data starting on or around Nov. 25, 2022. T-Mobile identified the data breach on Jan. 5, 2023. Stolen customer data includes:

NamesBilling addressesEmail addressesDates of birthT-Mobile account numbersPlan information, such as number of lines on accounts and plan features

Many of the exposed accounts didn’t include full data sets. The data breach also didn’t include any payment card information, Social Security numbers, tax IDs, passwords, or financial account information.

T-Mobile said in its filing that “Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time.” It has started notifying customers whose information may be compromised. It’s also working with federal agencies and law enforcement.

So what

With the amount of information companies have on us, data breaches are an ever-present concern for consumers. They also happen alarmingly often. There were 1,862 data breaches in 2021, a five-year high, according to recent identity theft statistics.

This latest data breach continues a troubling pattern for T-Mobile. The wireless carrier has now been hacked five times since 2018.

Fortunately, the leak didn’t include the most sensitive customer data, like Social Security numbers or credit card numbers. But customers whose information was leaked could receive spam or be the target of scammers.

Now what

If you’re a T-Mobile customer, be on the lookout for scams, like phishing attempts. That’s when a scammer contacts you and pretends to be a legitimate organization to get personal information. Since email addresses and account numbers were part of the data breach, it’s possible that scammers use email and text message phishing to try and steal more of your data.

Keep an eye on your credit, as well. It’s unlikely that someone would be able to open a credit account in your name after this T-Mobile data breach. They’d generally need your Social Security number for that. Still, it’s smart to be vigilant, just in case. Several credit card companies offer free identity protection you can use to monitor your credit. In addition, you can get free weekly credit reports for all of 2023.

If you want even more protection, there are two things you can set up with the credit bureaus to help prevent identity theft:

A credit alert requires creditors to perform additional identity verification, such as calling you at a phone number you provide, before opening an account in your name.A credit freeze prevents anyone from pulling your credit, which stops creditors from opening an account for you. If you want to open a new account, you can unfreeze your credit.

It’s up to you how cautious you want to be. The information that was leaked probably isn’t enough for identity theft. Monitoring your credit and watching out for scams should be enough to keep your identity and your finances safe.

Alert: highest cash back card we’ve seen now has 0% intro APR until 2024

If you’re using the wrong credit or debit card, it could be costing you serious money. Our expert loves this top pick, which features a 0% intro APR until 2024, an insane cash back rate of up to 5%, and all somehow for no annual fee.

In fact, this card is so good that our expert even uses it personally. Click here to read our full review for free and apply in just 2 minutes.

Read our free review

We’re firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers.
The Ascent does not cover all offers on the market. Editorial content from The Ascent is separate from The Motley Fool editorial content and is created by a different analyst team.Lyle Daly has no position in any of the stocks mentioned. The Motley Fool recommends T-Mobile US. The Motley Fool has a disclosure policy.

 Read More