Cyber Incident Victim: T-Mobile US

On November 22, 2019, T-Mobile US publicly disclosed a security breach affecting a limited number of customers using its prepaid wireless services. The company's cybersecurity team identified and terminated unauthorized malicious access to certain account information during their investigation. Exposed data included customer names, billing addresses, phone numbers, account numbers, rate plans, and service plan features. T-Mobile confirmed that attackers did not compromise sensitive categories of information such as account passwords, financial details, or Social Security numbers. The telecommunications provider reported the incident to law enforcement agencies and initiated direct notifications to impacted customers via SMS messages on the disclosure date. Customers who had changed phone numbers or switched carriers were instructed to contact T-Mobile's privacy team via email for confirmation of their breach status.

T-Mobile advised all affected prepaid account holders to proactively change their account passwords and PIN codes as a precautionary measure, directing them to a dedicated support page for additional guidance. This incident marked T-Mobile as the second major US telecommunications provider to announce a security breach in 2019, following Sprint's disclosure of two separate incidents earlier that year. Sprint had reported in May that attackers exploited Boost mobile phone numbers and Boost.com PIN codes to access Sprint accounts, followed by a July breach where hackers compromised customer data through Samsung's official website. T-Mobile did not provide further technical details about the intrusion methodology or precise attacker identity when solicited for additional comment by media outlets. The company's public communication focused exclusively on containment actions completed prior to disclosure and recommended customer remediation steps without elaborating on forensic findings or long-term security improvements.