A Whole Bunch of T-Mobile Prepaid Customers Got Hacked

Illustration for article titled A Whole Bunch of T-Mobile Prepaid Customers Got Hacked
Photo: Mark Lennihan (AP)

As the saying goes, I am, therefore I am hacked. Or something like that.

Such is the existence of T-Mobile prepaid customers, more than a million of whom had their account details and other personal information exposed by an unauthorized breach, according to TechCrunch’s estimate. The company announced the breach in a letter to customers on Friday.

The exposed data includes names, phone numbers, billing addresses, T-Mobile account numbers, and details about rates and plans, the company said. It added that no payment card data nor Social Security numbers were exposed by the “malicious, unauthorized access.” The company also said that “no passwords were compromised”—but if you’re a prepaid T-Mobile customer, it’s probably a good idea to go change your password anyway.

Because the breach involved “customer proprietary network information,” the company’s disclosure to impacted customers is required by the Federal Communications Commission.


“We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access,” the company said in the note to affected customers, ignoring the palpable irony. “We truly regret that this incident occurred and apologize for any inconvenience this has caused you.”

The T-Mobile breach comes amid the company’s attempt to merge with Sprint—so, no great timing! The FCC and the U.S. Department of Justice have both approved the merger; however, a group of state attorneys general has filed suit to block the $26 billion deal on the grounds that a consolidated wireless market could raise prices for customers.

In other news, T-Mobile’s gregarious CEO, John Legere, announced on Monday that he will step down from the role next April.

While the T-Mobile hack is nothing compared to the mega-breaches we’ve seen in recent years, it serves as a reminder that if something can be hacked, it probably will be. Despite that miserable reality, federal lawmakers, who have the power to demand companies take greater measures to protect our personal information, have done exactly two things toward that end: Jack and shit—and Jack just left town with your data.


Deputy Editor, Gizmodo

Share This Story

Get our `newsletter`