In a financial filing Thursday, T-Mobile disclosed that a hacker accessed the personal data of 37 million customers.
The telecom company said a “bad actor” began stealing data, including information such as “name, billing address, email, phone number, date of birth, T-Mobile account number and number of lines and plans on the account. Features,” Nov. 25 since
in SEC FilingsT-Mobile said it discovered the breach on Jan. 5, more than a month later, and within a day had fixed the problem the hacker was exploiting.
According to T-Mobile, the hackers did not breach any of the company’s systems but rather abused the application programming interface, or API.
“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that a malicious actor was able to breach or compromise our systems or our network,” the company wrote.
This is the eighth time T-Mobile has been hacked since 2018. The most recent incident occurred in 2022, when a group of hackers known as Lapsus$ were able to gain access to the company’s internal devices, allowing them to do so. -Called SIM Swap, a type of hack where hackers take a victim’s phone number and then try to exploit it to reset and access the target’s sensitive accounts, such as email or cryptocurrency wallets.
T-Mobile did not immediately respond to a request for comment.