On August 18, 2021, T-Mobile USA, Inc. (“T-Mobile”) announced a data breach that exposed private information belonging to over 40 million current, former and prospective T-Mobile customers. Hackers gained access to information that T-Mobile collected from people as part of a credit check. It is possible that your information was compromised if you applied for T-Mobile service – even if you don’t currently have, or ended up not obtaining, service from T-Mobile.
T-Mobile is offering two years of free identity protection services. The best way to protect yourself after a data breach is to sign up for identity protection services as soon as possible.
In response to the incident, T-Mobile began an investigation into the leak, which is still ongoing. T-Mobile learned of this data breach when they received a tip that someone was selling private information on an online forum. T-Mobile was able to confirm that the data came from their servers.
According to T-Mobile, the following information was affected:
This information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity.
T-Mobile is a telecommunications company that most notably offers cellphone service in the United States. It is owned by German telecommunications company Deutsche Telekom AG and has a global presence. At this time, this data breach appears to have impacted people in the United States only.