Bad news for T-Mobile prepaid customer, the US-based telecom giant T-Mobile today disclosed a new data breach incident.

The US branch of the telecommunications giant T -Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service.

The cybersecurity team at T-Mobile discovered an unauthorized access to information associated with a limited number of its prepaid wireless account customers.

“We want to let you know about an incident that we recently identified and quickly corrected that impacted some of your personal information.” reads the data breach notice published by the company.

Our Cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities . None of your financial data (including credit card information) or social security numbers was involved , and no passwords were compromised.”

Exposed data includes name and billing address, phone number, account number, rate plan and features, like whether a customer has added an international calling feature.

“Rate plan and features of your voice calling service are ‘customer proprietary network information’ (‘CPNI’) under FCC rules, which require we provide you notice of this incident,” continues T-Mobile.

No financial information, social security numbers, and passwords were accessed by the attackers.

At the time of writing the company did not reveal details of the intrusion or the extent of the incident.

T-Mobile confirmed to have taken the necessary steps to lock out the attackers and immediately notified law enforcement of the security breach.

The company is notifying only affected customers through email, users can contact Customer Care to receive support and information on the incident.

The company is urging affected customers to update the PIN/passcode to access their accounts, let me suggest to not affected users to do the same.

Customers should remain vigilant on possible phishing messages that can use stolen data to trick victims into revealing sensitive data, passwords and financial information such as credit card information.

Another suggestion for T-Mobile customers is to monitor their bank and payment card statements for any suspicious activity and report to the bank if they find any.

In August 2018, T-Mobile announced it has suffered a security breach that exposed the personal information of up to 2 million T-mobile customers.

Pierluigi Paganini

(SecurityAffairs – data breach, T-Mobile)