T-Mobile says recently reported hack that got data from 37,000 customers began in late November
T-mobile noted that the suspicious activity started as early as Nov. 25 2022 and the hack was discovered Jan. 5, 2023
Mobile communications giant T-Mobile says the hack in which data was obtained from roughly 37,000 customers suggested the breach was perpetrated by a single entity and said the effort began as far back as November 2022.
The company said the hack occurred through a single application but is unclear whether one more people were involved, according to a Security and Exchange Commission report filed Thursday.
The report blames a "bad actor" and "bad actor(s)."
"The preliminary result from our investigation indicates that the bad actor(s) obtained data from this API for approximately 37 million current postpaid and prepaid customer accounts, though many of these accounts did not include the full data set," the SEC filing states.
T-mobile also states suspicious activity started as early as Nov. 25 2022 and the hack was discovered Jan. 5, according to ABC News.
"We are continuing to diligently investigate the unauthorized activity," T-Mobile said in a statement. "In addition, we have notified certain federal agencies about the incident, and we are concurrently working with law enforcement."
Additionally, we have begun notifying customers whose information may have been obtained by the bad actor in accordance with applicable state and federal requirements."
The company said the hacker or hackers were able to access such data as names, billing addresses, email addresses, phone numbers, dates of birth and T-Mobile account numbers, NBC also reports.
However, the "bad actor" was not able to access information including social security and driver’s license number, and customer payment card information or other financial-account data, T-mobile said.