As part of its ongoing data breach investigation, T-Mobile has confirmed the enormity of the stolen information. Roughly 47.8 million current and former or prospective customers have been affected by the cyberattack on its systems, the carrier confirmed on Wednesday. Of that number, about 7.8 million are current T-Mobile postpaid accounts and the rest are prior or potential users who had applied for credit, the company added in a press release.
Worryingly, the data includes some personal information including the first and last names, date of birth, SSN, and driver’s license/ID information for a "subset of customers." So far, T-Mobile said it does not have any indication that the stolen files contain phone numbers, account numbers, passwords or financial information.
What's more, the company said about 850,000 active T-Mobile prepaid customers also had their names, phone numbers and account PINs exposed. The affected users do not include Metro by T-Mobile, former Sprint prepaid, or Boost users and T-Mobile said it has reset the PINs on these accounts. In addition, it claimed that "some additional information" from inactive prepaid accounts was accessed through prepaid billing files.
The findings from the carrier's preliminary analysis come just days after it was notified of a data breach. Initially, it was reported that a member of an underground forum claimed to have obtained the data for over 100 million T-Mobile customers. The culprit was reportedly selling information of about 30 million T-Mobile customers for about $270,000 in Bitcoin.
As part of its compensation and mitigation efforts, T-Mobile is offering affected customers two years of McAfee’s ID Theft Protection Service; recommending all postpaid users change their PIN; and setting up an online resource page. T-Mobile said that it began coordination with law enforcement on Tuesday as its investigation into the data breach — the third such attack it has suffered in the past two years — continues.