T-Mobile has confirmed that millions of customers have had their data stolen during a hack. Data from 7.8m postpaid, 850,000 prepaid and records from 40m former and prospective customers were breached.
Two days ago reports emerged that a hacker was selling 30 million ‘fullz,’ a term which describes complete identity data, on the dark web in exchange for 6 BTC (£195,853). The seller claimed the data originated from T-mobile servers.
T-mobile has since confirmed news of the hack and today assured customers that it had “located and immediately closed the access point” used to illegally gain access to its servers.
The team admitted that the leak included personal customer data such as first names, last names, dates of birth, SSN, and driver’s licences/ ID information. No phone numbers, account numbers, PINs, passwords or financial information are believed to have been compromised during the breach.
T-mobile is now coordinating with law enforcement as a forensic investigation into the attack continues.
A spokesperson for T-mobile said: “We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack.”
The company will be offering two years of free McAfee identity protection to customers and has recommended that all customers change their T-mobile PINs.
T-mobile’s share price is down -1.84 per cent in the past five days.