Telecom giant T-Mobile has revealed that a hacker has accessed a bulk of personal data belonging to 37 million customers.
T-Mobile said that the hacker has been stealing the data, which includes “name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features,” since November 25.
T-Mobile only detected the breach more than a month later, on January 5. T-Mobile claims it fixed the problem that the hacker was exploiting within a day of discovering it.
No company system was affected, T-Mobile claims.
This is the eighth time T-Mobile was hacked since 2018. In 2022, a group of hackers known as Lapsus$ was able to gain access to the company’s internal tools, which gave them the chance to carry out SIM swaps.
With SIM swaps, hackers take over a victim’s phone number and then try to leverage that to reset and access the target’s sensitive accounts such as email or cryptocurrency wallets.