T-Mobile disclosed a major cyberattack that exposed personal information tied to more than 40 million current, former, and prospective customers, including names, dates of birth, Social Security numbers, and driver's license details. The company said the intrusion targeted customer records and prompted an ongoing investigation, while reporting indicated the breach affected both existing subscribers and people who had previously applied for credit with the carrier.
The carrier was hit again in later incidents, underscoring persistent security problems despite a reported $150 million investment in cybersecurity. In early 2023, T-Mobile disclosed another breach affecting customer account data, and later that year a separate exposure involving roughly 90GB of data surfaced on a hacker forum and was linked to a T-Mobile glitch, raising fresh concerns about the company's ability to prevent repeated leaks of sensitive customer information.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
5 events from the most recent confirmed update back to the earliest known activity.
A 90GB dataset allegedly tied to a T-Mobile glitch was posted on a hacker forum, raising concerns about another exposure of customer-related information. The report linked the leaked data to a technical flaw rather than the earlier 2021 breach.
In January 2023, T-Mobile disclosed a new breach involving unauthorized access to customer data, prompting renewed scrutiny of the company's security posture despite prior investments. Coverage highlighted that the incident exposed information from millions of customer accounts.
T-Mobile disclosed that hackers stole personal data tied to more than 40 million current, former, and prospective customers in the 2021 breach. Reporting described the incident as one of the largest telecom data breaches in the United States.
T-Mobile said it was investigating a cyberattack after confirming unauthorized access to company data. The company indicated customer information had been exposed and that the investigation was ongoing.
Motherboard reported that a seller on an underground forum claimed to have stolen data tied to more than 100 million T-Mobile customers and was offering part of it for sale. T-Mobile said it was investigating the claims, while samples reviewed by reporters appeared to contain authentic customer information.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
5 references tracked. Mallory keeps watching after this page renders.
hackread.com
Open sourcewired.com
Open sourcewashingtonpost.com
Open sourcet-mobile.com
Open sourcevice.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.