Mobile telecommunications company T-Mobile disclosed a data security incident that might have exposed the account information of some of its customers.
T-Mobile’s Cybersecurity team learned of the incident when it discovered an attack against its email vendor. The team responded by shutting down the attack and launching an investigation into what happened.
This effort revealed that malicious actors had used the attack to access certain T-Mobile employees’ email accounts. At the time of compromise, those accounts had contained the account information of T-mobile customers and employees including their names and addresses, phone numbers, account numbers, and billing information, among other details.