Update: August 18th, 2021
T-Mobile provided an update regarding the data breach investigation. Although they are still investigating, they have confirmed the breach contained customer information, including "first and last names, date of birth, SSN, and driver’s license/ID information for a subset of current and former T-Mobile customers." T-Mobile is working with law enforcement to determine whether or not the stolen data includes customer's banking information.
On August 15th, Vice reported that a post made on an underground forum claimed to "be selling a mountain of personal data." The seller says the data involves over 100 million users, and that it was taken from T-Mobile servers. Monday, August 16th, T-Mobile announced they were investigating the rumors.
The data is said to include information such as social security number, phone numbers, names, physical addresses, and more. T-Mobile has acknowledged the claims and have stated they are investigating, but have not confirmed the extent of the data breach or the specifics of the data involved.
In a statement T-Mobile said:
"We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed… Once we have a more complete and verified understanding of what occurred, we will proactively communicate with our customers and other stakeholders."
If you have been involved in a data breach, it's important to take precautions to secure your accounts and data from any further damage. Checking your credit reports for inaccuracies, using unique passwords across all accounts, and enabling multi-factor authentication are some easy ways to protect your data.