The Washington state-based provider of wireless communication services including voice and messaging said its security team "discovered and shut down malicious, unauthorized access to some information" of T-Mobile users who subscribed to its prepaid wireless service.
The data comprised include names and billing addresses, phone numbers, account numbers, rate plan and features, such as whether an international calling is in service, T-Mobile said.
However, the company assured its users that their key information is safe, including their credit card information, social security numbers or passwords.
It noted that it has notified law enforcement about the breach, without elaborating on further details such as when and how long the hack took place, how the company responded to fix the loophole, or whether its database was compromised.
T-Mobile, which has more than 80 million users, promised to have a number of safeguards in place to protect its customers' "personal information from unauthorized access."
In August last year, a similar data breach occurred when about 2 million users were affected, with their email addresses and phone numbers stolen by hackers.
Latest comments