The fallout from T-Mobile's latest data breach is going from bad to worse. In an update issued Friday, the mobile carrier reported that hackers had illegally accessed one or more associated customer names, addresses, dates of birth, phone numbers, IMEIs and IMSIs of 5.3 million current postpaid customers. T-Mobile also said it had identified an additional 667,000 accounts of former customers that were accessed, with customer names, phone numbers, addresses and dates of birth compromised.
The new numbers push the total number of people affected by the breach past the 50 million mark.
T-Mobile noted that in its most batch of discoveries, affected customers' driver's license details and Social Security numbers weren't illegally accessed.
On Wednesday, the company said in a post that the personal data of more than 40 million customers was stolen by hackers. The data, which belonged to former and prospective customers, included names, dates of birth, driver's license details and Social Security numbers.
In addition, the company said that the hackers had swiped data belonging to approximately 7.8 million current postpaid customers. It also confirmed that 850,000 active T-Mobile prepaid customer names, phone numbers and account PINs were exposed.
Vice reported Friday that the company is now facing a class-action lawsuit over the breach, based on papers filed in a Washington court.
The breach, which was, is one of at least four to hit the mobile carrier since 2015. On this occasion, Vice reported that a seller on an underground forum was offering to sell the customer data for 6 Bitcoin (approximately $277,000). T-Mobile later confirmed it had been the victim of a cyberattack, and has now been investigating how many customers were affected for several days.
The company said in a press release at the time that it was taking immediate steps to help protect affected customers and has been coordinating with law enforcement.
"We take our customers' protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack," said the company. "While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve."