Telecommunications giant T-Mobile is the latest victim of a large-scale data breach, with personal data belonging to more than two million of its customers having been leaked. The exposed information included customer name, phone number, email address, billing zip code, account number and whether the account was pre-paid or post-paid.
As bad as that is, it could have been far worse. Fortunately, no financial information, passwords, or social security numbers were compromised.
According to the official statement released by T-Mobile, their security team shut down the "unauthorized capture of some information" on August 20th of this year. The statement did not provide specific details about how the hackers got into the company's servers, and only provided an estimate of the total number of customer records impacted.
The statement read, in part:
"We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access. We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you."
T-Mobile has reached out to law enforcement and has contacted all customers who were impacted by the breach.
Although no passwords were compromised, if you received a notification from the company that information about your account was compromised, it would be wise to change your password just to be safe. Be on guard against phishing attacks that may target you based on the information that was gleaned via the breach.
This is but the latest in a long and growing stream of high profile breaches this year, but it is by no means the largest. Earlier this year, for example, Carphone Warehouse suffered a breach that impacted all of its ~10 million customers. As ever, vigilance is the key.