Cybercriminals stole personal information from millions of T-Mobile customers in a data breach last November, according to the company. In a statement with the Securities and Exchange Commission, T-Mobile said the hack has come to light on January 5.

The unidentified cybercriminals had access to data from approximately 37 million customers last November through an API (Application Programming Interface). The unwanted intruder hacked a limited set of account data with names, birth dates, addresses, emails, and phone numbers. 

T-Mobile stated that based on their investigation, customer’s accounts and finances were not at risk by the event. A representative from the company says that all financial and personal information are safe.

Once T-Mobile learned about the breach, it promptly began an investigation with external experts in cybersecurity. According to their statement, they were able to trace the source of the hack and stop it within the day. 

They said the investigation is still going. However, the malicious activity is fully under control at the moment. Furthermore, there is no evidence that the malware was able to compromise their systems and networks. 

T-Mobile finished the statement saying they were quick to notify law enforcement and unnamed federal agencies. 

Last Thursday in a news release, T-Mobile stated that it was in the process of alerting all customers who were affected by the hack. 

The company says it understands that an event such as this has a significant impact on their customers. They offered their apologies and said they plan on continuing with their substantial yearly investments in their cybersecurity program. 

The filling said that T-Mobile may suffer notable expenses due to the breach. However, the company believes the incident won’t have a significant financial effect on their operations. 

The breach last November is not the first time that T-Mobile customers have had their personal data stolen. 

In July 2022, the company had to pay $350 million in order to settle a class action lawsuit. It happened after T-Mobile disclosed in 2021 that personal information such as driver’s license data and Social Security numbers were stolen. Back then, almost 76 million U.S. residents saw their information stolen.

During the settlement, the company said it would invest more than $100 million in data security and technology through 2022 and 2023. Before that, customer information was compromised in breaches that happened in January 2021, 2019, and 2018. 

Neil Mack, the senior analyst for Moody’s Investors Service, stated that while these breaches are not systemic, their frequency with T-Mobile is cause for concern amongst telecom peers. 

In last Thursday’s statement, T-Mobile said it began a multi-year investment to strengthen its cybersecurity after the first breach in 2021. 

These days, we are living in an increasingly digital world. With so much of our information such as passwords and credit card details online, it is becoming increasingly important to ensure that our data remains secure.

Fortunately, there are a few simple steps you can take to protect yourself against cyber threats.

In the following link, we will explore the easy cybersecurity checks that anyone can undertake to stay safe and secure online. Keep reading for expert advice on how to keep your personal data safe from prying eyes!