Wireless communications company T-Mobile has disclosed a data breach incident that impacts certain customers with pre-paid service accounts.
“Our cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities,” stated a notification that the Germany-based company posted online.
Compromised information includes names, billing addresses, phone numbers, account numbers, and rate plans and features, but no financial information, Social Security numbers or passwords. Because the Federal Communications Commission considers rate plans and features CPNI, or customer proprietary network information, T-Mobile was mandated by federal regulation to inform affected users.
In light of the breach, T-Mobile recommended that affected customers confirmed or update the PIN numbers or passcodes for their accounts as an extra layer of protection against malicious actors.
According to a BleepingComputer report today, a company spokesperson said the incident was immediately addressed after it was discovered in early November, and affected “a small number of customers.”