T-Mobile has revealed that records on 47.8 million current, former and prospective customers were stolen in a cyberattack that it announced on Monday.
The network said in a press release that some of the data that was accessed included the first and last names of customers, their date of birth, social security number, ID information, and in some cases phone numbers and account PINs.
Based on a preliminary analysis, the company said around 7.8 million prepaid customer accounts’ information was contained in the files that were stolen.
This is in addition to more than 40 million records of former and prospective customers who had previously applied for credit with the company.
However, T-Mobile said there was no indication that any customer financial information such as credit card details or other payment information had been included in the stolen data.
T-Mobile said: “We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack.”
T-Mobile said customers will receive communications from the company offering two years of free identity protection services with McAfee’s ID Theft Protection Service. Customers will also be advised to change their PIN.
The investigation is ongoing and the company said the details of the attack may be updated.
T-Mobile first announced the cyberattack on Monday, when the company said it was investigating claims that a security breach had occurred and that it was unsure if any personal data had been compromised.
According to VICE’s Motherboard tech news site, the hack became apparent because someone was attempting to sell the users’ data in a shady online forum on Sunday.
Motherboard reported the seller was asking for six bitcoin—equal to around $270,000 at that time—for part of the data and that the rest was to be sold privately.
T-Mobile is a large communications network provider. In its Q2 report it said it had made net additions of around 1.4 million customers in Q2 2021, bringing its total customer count to 104.8 million.
The T-Mobile hack is not the only one to have taken place recently. Last week, global consulting firm Accenture was hit by a ransomware attack that was claimed by the LockBit cybercrimimal group.
Stacey Jones, an Accenture spokesperson, told CNN Business last Wednesday that affected systems had been fully restored.