T-Mobile Announces Another Data Breach

It affected just over 800 people but follows the data breach impacting 37 million customers in January.

Corinne Reichert Senior Editor
Corinne Reichert (she/her) grew up in Sydney, Australia and moved to California in 2019. She holds degrees in law and communications, and currently writes news, analysis and features for CNET across the topics of electric vehicles, broadband networks, mobile devices, big tech, artificial intelligence, home technology and entertainment. In her spare time, she watches soccer games and F1 races, and goes to Disneyland as often as possible.
Expertise News | Mobile | Broadband | 5G | Home tech | Streaming services | Entertainment | AI | Policy | Business | Politics Credentials
  • I've been covering technology and mobile for 12 years, first as a telecommunications reporter and assistant editor at ZDNet in Australia, then as CNET's West Coast head of breaking news, and now in the Thought Leadership team.
Corinne Reichert
T-mobile logo

T-Mobile has reported another data breach.

James Martin/CNET

T-Mobile has suffered another customer data breach, as reported earlier Monday by Bleeping Computer. While this one is very small -- affecting just over 800 people -- it follows a massive data breach impacting millions of people in January that prompted questions about T-Mobile's cybersecurity track record.

The latest data breach for the nation's second-largest wireless carrier occurred between Feb. 24 and March 30 and was discovered March 27. During a breach caused by hacking, 836 people had their names and driver's license or identification card numbers stolen, as well as possibly their account PIN, Social Security number, date of birth, balance due and phone plan, among other details. Financial account information and call records were not breached.

"We notified a small number of customers that our systems and processes worked to detect and stop a bad actor who was accessing accounts using compromised credentials," T-Mobile told CNET in an emailed statement. The carrier will continue investigating the breach to "expand the safeguards," it said.

The breach follows T-Mobile in January saying a "bad actor" took advantage of one of its application programming interfaces to gain data on "approximately 37 million current postpaid and prepaid customer accounts."

Another data breach in 2021 affected 54 million customers and led to a huge $500 million class-action settlement announced in January 2022 that just closed up applications for folks to get a piece of.

There were also a couple of breaches in December 2021 and November 2022.