In a data breach notification, T-Mobile disclosed that the account information of a number of its prepaid customers were accessed by an unauthorised party.
The company’s cybersecurity team discovered and shut down unauthorised access to information relating to customer’s T-Mobile prepaid wireless account.
The exposed information included customer names, billing addresses, phone numbers, account numbers, rate plans and plan features. T-Mobile noted that no financial data – including credit card information, or social security numbers was involved. In addition, no passwords were compromised.
The breach notification says: “”The data accessed was information associated with your prepaid service account, including name and billing address (if you provided one when you established your account), phone number, account number, rate plan and features, such as whether you added an international calling feature.”
The telecommunications giant said that is has notified law enforcement, and are now reaching out to its customers, via SMS notifications. Those who have yet to receive a notification and want to confirm they have not been impacted can do so by emailing firstname.lastname@example.org.
Impacted customers are urged to change their account passwords and PIN codes.
“We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access. We truly regret that this incident occurred and apologize for any inconvenience this has caused you.”
Last year, T-Mobile fell victim to a data breach, whereby roughly 2.2million people are affected.
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/