franckreporter Communications services provider, T-Mobile (TMUS) revealed data breach of 37M customer accounts. The hackers didn’t breach any company system but rather abused an application programming interface, or API. “We may incur significant expenses in connection with this incident,” T-Mobile revealed in the SEC filing. “Although we are unable to predict the full impact of this incident on customer behavior in the future, including whether a change in our customers’ behavior could negatively impact our results of operations on an ongoing basis, we presently do not expect that it will have a material effect on the Company’s operations.” T-Mobile elaborated that no social security numbers, credit card information, government ID numbers, passwords, PINs or financial information were exposed. Stolen data included customer names, billing addresses, emails, phone numbers, dates of birth, T-Mobile account numbers and information describing the kind of service they use. The company has started notifying customers whose data may have been compromised. An external cybersecurity team is currently investigating the data breach, however the company believes it is fully contained. This is the eighth time T-Mobile was hacked since 2018. “Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” said T-Mobile. Stock price fell 1.6% during after-market hours on Thursday.
