Mobile Says Hackers May Have Personal Data Of 2 Million Customers

T-Mobile US Inc (TMUS.O) and its unit Metro PCS informed customers on Thursday about a potential security breach that was discovered and shut down by the company.

Data breaches involving cellular providers can be especially risky, according to Dan Guido, CEO of the security firm Trail of Bits, if they make it easier for a criminal to take control of a consumer's phone number by porting it to a new phone.

T-Mobile today confirmed that it was affected by a security breach.

The Bellevue, Wash. company said its cybersecurity team discovered an "unauthorized access" on August 20 and reported it to law enforcement. However, some customers' personal information - including name, billing zip code, phone number, email address, account number and account type - may have been exposed.

This isn't the first time T-Mobile customers have had to worry about fraud.

Props: Credit to T-Mobile for its promptness in reporting the breach. The breach was caused when "an global group" of hackers accessed a server through an API which was said not to have any "very sensitive data" available through it.

The telco company is redirecting all anxious customers to its customer care service available via phone call, its official website, or Apple iMessage and Business Chat.

The alert doesn't mention the number of subscribers involved but this is being reported by Motherboard as just shy of 3%, or around 2.26 million accounts. "We truly regret that this incident occurred and are so sorry for any inconvenience this has caused".