T-Mobile says cyberattack impacted more customer data than initially thought

Data on millions of additional customers was also compromised, T-Mobile said.

August 20, 2021, 4:55 PM

T-Mobile revealed Friday that the personal data of more than 5 million additional customers was compromised in the recent cyber attack, bringing the total number of people impacted to over 50 million.

The company revealed earlier this week that it was the victim of a "highly sophisticated cyberattack," and that the data of millions of current and prospective customers -- including names and social security numbers -- had been compromised. The company reiterated on Friday that it has no indication any of the stolen files include financial information or credit and debit card information.

"We previously reported information from approximately 7.8 million current T-Mobile postpaid customer accounts that included first and last names, date of birth, SSN, and driver’s license/ID information was compromised," the company said Friday, adding that it also determined phone numbers and IMEI and IMSI information (identifier numbers associated with a mobile phone) were also compromised. "Additionally, we have since identified another 5.3 million current postpaid customer accounts that had one or more associated customer names, addresses, date of births, phone numbers, IMEIs and IMSIs illegally accessed."

The company said the additional accounts, however, did not have any social security numbers or driver's license information compromised.

"We also previously reported that data files with information from about 40 million former or prospective T-Mobile customers, including first and last names, date of birth, SSN, and driver’s license/ID information, were compromised," the company added. "We have since identified an additional 667,000 accounts of former T-Mobile customers that were accessed with customer names, phone numbers, addresses and dates of birth compromised."

Similarly, the company said social security numbers or driver's license information for the additional batch of accounts was not accessed.

People walk past the front of a T-Mobile retail store on Aug. 18, 2021, in Arlington, Va.
Chip Somodevilla/Getty Images

The mobile carrier said the investigation remains ongoing, but they are confident the access point used by hackers to access their networks has been closed off.

T-Mobile said it is offering support to those impacted by the data breach by offering two years of free identity protection services with McAfee's ID Theft Protection Service, sharing best practices and security steps that can be taken and recommending customers sign up for a free scam-blocking protection.

The company also published a customer support landing page with further information on the data breach.

"As we support our customers, we have worked diligently to enhance security across our platforms and are collaborating with industry-leading experts to understand additional immediate and longer-term next steps," the company said. "We also remain committed to transparency as this investigation continues and will continue to provide updates if new information becomes available that impacts those affected or causes the details above to change or evolve."

The massive breach at the mobile carrier comes amid a spate of recent high-profile cybersecurity attacks on firms big and small -- raising concerns from many that no company is immune.

In the wake of the Colonial Pipeline ransomware attack that forced a multiday shutdown of a massive East Coast fuel conduit, President Joe Biden signed an executive order aimed at modernizing the federal government's response to cyberattacks.