STE WILLIAMS

T-Mobile US has fallen victim to a data breach, the company confirmed in a brief note on its website.

The breach was spotted on 20 August by the firm’s cyber-security team, it said, and was plugged the same day.

“Out of an abundance of caution, we wanted to let you know about an incident that we recently handled that may have impacted some of your personal information,” T-Mobile US warned.

According to a report by Vice’s tech news offshoot, Motherboard, around two million customers – 3 per cent of T-Mobile US’s subscribers – were affected by the breach.

The US telco said none of the customers’ financial data or social security numbers were lifted and no passwords were compromised.

“However, you should know that some of your personal information may have been exposed, which may have included one or more of the following: name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid).”

T-Mo added that it had reported the breach to “authorities”, without specifying who those authorities were. The breach was caused when “an international group” of hackers accessed a server through an API which was said not to have any “very sensitive data” available through it.

“As a reminder, it’s always a good idea to regularly change account passwords,” it chirpily added.

EE, which absorbed T-Mo’s UK operations, confirmed to El Reg that no Brits were affected. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2018/08/24/t_mobile_us_data_breach/