Breach exposes T-Mobile customer data
T-Mobile US has informed its customers about a potential security breach that was discovered and shut down by the company on 20 August.
The company's cyber security team discovered and shut down unauthorised access to certain information and reported the incident to authorities.
In a statement, the company said that no financial data, including credit card information or social security numbers, was compromised, nor were any passwords. However, it said that some personal information may have been exposed, which could include names, billing codes, phone numbers, e-mail addresses, account numbers and account types.
Over two million affected
Approximately 3%, or 2.3 million of the telecom giant's 77 million customers, might have been affected, a T-Mobile spokesperson told technology news Web site, Motherboard.
The statement continued: "All affected customers have been, or shortly will be, notified. If you don't receive a notification, then that means your account was not among those impacted by this incident."
T-Mobile added: "We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorised access. We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you."
John Legere, CEO of T-Mobile, tweeted: "It's always a good idea to regularly change account passwords."
High-Tech Bridge's CEO, Ilia Kolochenko, said this particular incident 'favourably stands out among many others by prompt detection and transparent disclosure'.
"Many of the recent data breaches, including the most disastrous ones, were discovered weeks ago but then announced months after the occurrence. T-Mobile serves as a laudable example of prompt incident response."
However, he says this does not absolve T-Mobile from accountability for the breach and further cybersecurity enhancements to prevent similar incidents in the future.