A Whole Bunch of T-Mobile Prepaid Customers Got Hacked

Photo: Mark Lennihan (AP)

As the saying goes, I am, therefore I am hacked. Or something like that.

Such is the existence of T-Mobile prepaid customers, more than a million of whom had their account details and other personal information exposed by an unauthorized breach, according to TechCrunch’s estimate. The company announced the breach in a letter to customers on Friday.

Advertisement

The exposed data includes names, phone numbers, billing addresses, T-Mobile account numbers, and details about rates and plans, the company said. It added that no payment card data nor Social Security numbers were exposed by the “malicious, unauthorized access.” The company also said that “no passwords were compromised”—but if you’re a prepaid T-Mobile customer, it’s probably a good idea to go change your password anyway.

Because the breach involved “customer proprietary network information,” the company’s disclosure to impacted customers is required by the Federal Communications Commission.

“We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access,” the company said in the note to affected customers, ignoring the palpable irony. “We truly regret that this incident occurred and apologize for any inconvenience this has caused you.”

The T-Mobile breach comes amid the company’s attempt to merge with Sprint—so, no great timing! The FCC and the U.S. Department of Justice have both approved the merger; however, a group of state attorneys general has filed suit to block the $26 billion deal on the grounds that a consolidated wireless market could raise prices for customers.

Advertisement

In other news, T-Mobile’s gregarious CEO, John Legere, announced on Monday that he will step down from the role next April.

While the T-Mobile hack is nothing compared to the mega-breaches we’ve seen in recent years, it serves as a reminder that if something can be hacked, it probably will be. Despite that miserable reality, federal lawmakers, who have the power to demand companies take greater measures to protect our personal information, have done exactly two things toward that end: Jack and shit—and Jack just left town with your data.

Advertisement

Share This Story

Get our newsletter

About the author

Andrew Couts

Managing Editor, Gizmodo

EmailTwitterPosts
PGP Fingerprint: 6AA1 E3FB 5CD2 FAD9 CED9 77C9 EE4B 7BC0 B557 D68CPGP Key