This Thursday, the two companies posted a statement on the T-Mobile website, saying a potential security breach, which occurred on August 20, was discovered and promptly shut down. If you don't receive a text from T-Mobile by day's end, you're likely in the clear.
T-Mobile and MetroPCS customers with questions about the breach can dial 611 from their phones. That's tragic in and of itself, really.
A spokesperson from T-Mobile told Motherboard that about 3% of customers were affected. A recent survey of almost 500 organizations commissioned by IBM Corp. found that the average time to identify a data breach in the enterprise is a staggering 197 days.
But researchers who saw the compromised data say data exposed in the breach is more than what T-Mobile disclosed, Vice says; and that the passwords are likely encoded with a notoriously weak algorithm that can be cracked with brute force.
Out of an abundance of caution, we wanted to let you know about an incident that we recently handled that may have impacted some of your personal information.
The Bellevue, Wash. company said its cybersecurity team discovered an "unauthorized access" on August 20 and reported it to law enforcement.
T-Mobile began notifying customers of the intrusion this week and encouraged them to contact customer service with any concerns.
T-Mobile says the attack was carried out by hackers part of an global group, but no specifics were given.
The company also affirmed that it has security measures in place to protect customer information from unauthorized access, though they provided no specifics on the details of those safeguards.