T-Mobile Gives an Update on its Cyberattack Investigation

T-Mobile has provided an update to its ongoing cyberattack investigation on its Investors blog, confirming that customer data has been stolen.

The stolen data apparently included names, dates of birth, driver’s license information, and even Social Security numbers for about 7.8 million current postpaid customers, as well as over 40 million former or prospective customers who had applied for credit with the company.

Phone numbers, account numbers, passwords and financial information was not compromised, the company said. Payment information like credit card numbers was not stolen either.

T-Mobile also confirmed that 850,000 prepaid customers had their names, phone numbers, and PINs stolen, as well.

The company is taking immediate steps to protect its customers who were affected by the cyberattack and has begun reaching out to them. T-Mobile already has reset the PINs for prepaid customers and encouraged others to reset them, as well.

"We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack," wrote T-Mobile on the Investor page.

Affected customers will be given free identity protection with McAfee’s ID Theft Protection Service for two years. T-Mobile is recommending its customers to advantage of its Account Takeover Protection service.

The access point that was used to gain entry has been closed. T-Mobile states it will continue the investigation and cooperate with law enforcement as it learns more about the attack.