T-Mobile announced that a recent hack impacted 37 million of its customers' data. In a filing with the US SEC, the company said that it realized on January 5 that a "bad actor" had managed to infiltrate its computer system but the attack likely began around November 25.
After identifying the source of the hack, it was fixed within 24 hours, the telecom company said, adding that it believes the rest of its systems were not affected.
The hacked information includes T-Mobile customers' names, addresses, email, phone number, dates of birth and account numbers but does not include bank or social security card numbers or tax information.
Affected customers will be notified and an internal investigation is still underway and T-Mobile may incur “significant expenses” in connection with this incident.
This is the eighth time in five years that such cybersecurity fiasco has happened to the company.
The latest data breach comes after another episode in 2021 affected the data of 76.6 million US residents. Gaining access to T-Mobile systems around July 19, 2021, the telecom company only learned that a bad actor has illegally accessed around 50 million of its past, present and prospective customers on August 17, 2021.
To strengthen its digital defense, T-Mobile agreed to spend $150 million on data protection and cybersecurity in 2022 and 2023.