Want CNET to notify you of price drops and the latest stories?

T-Mobile Announces Another Data Breach

It affected just over 800 people but follows the data breach impacting 37 million customers in January.

Corinne Reichert Senior Writer
Corinne Reichert (she/her) grew up in Sydney, Australia and moved to California in 2019. She holds degrees in law and communications, and currently oversees the CNET breaking news desk for the West Coast. Corinne covers everything from phones, social media and security to movies, politics, 5G and pop culture. In her spare time, she watches soccer games, F1 races and Disney movies.
Expertise News
Corinne Reichert
T-mobile logo

T-Mobile has reported another data breach.

James Martin/CNET

T-Mobile has suffered another customer data breach, as reported earlier Monday by Bleeping Computer. While this one is very small -- affecting just over 800 people -- it follows a massive data breach impacting millions of people in January that prompted questions about T-Mobile's cybersecurity track record.

The latest data breach for the nation's second-largest wireless carrier occurred between Feb. 24 and March 30 and was discovered March 27. During a breach caused by hacking, 836 people had their names and driver's license or identification card numbers stolen, as well as possibly their account PIN, Social Security number, date of birth, balance due and phone plan, among other details. Financial account information and call records were not breached.

"We notified a small number of customers that our systems and processes worked to detect and stop a bad actor who was accessing accounts using compromised credentials," T-Mobile told CNET in an emailed statement. The carrier will continue investigating the breach to "expand the safeguards," it said.

The breach follows T-Mobile in January saying a "bad actor" took advantage of one of its application programming interfaces to gain data on "approximately 37 million current postpaid and prepaid customer accounts."

Another data breach in 2021 affected 54 million customers and led to a huge $500 million class-action settlement announced in January 2022 that just closed up applications for folks to get a piece of.

There were also a couple of breaches in December 2021 and November 2022.