T-Mobile discloses 5.3M more postpaid accounts hit in data breach

The number of customers affected by the recent T-Mobile data breach continues to grow.

On Friday T-Mobile disclosed that it determined data for an additional 5.3 million current postpaid customer accounts, as well has more than half a million former T-Mobile customers, was accessed by hackers as the investigation into a massive breach continues.

T-Mobile provided the updated figures in an 8-K filing with the Securities and Exchange Commission (SEC). 

Earlier this week, T-Mobile had already found that personal information for 7.8 million postpaid, 850,000 active prepaid, and more than 40 million former and prospective customers was stolen.

Unlike data hacked in the earlier disclosed postpaid accounts, the ones confirmed Friday did not have any social security numbers, or driver’s license and ID information compromised, T-Mobile said in the August 20 SEC filing. However, hackers did access customer names, addresses, date of birth, phone numbers, IMEIs and IMSIs (the usual identifiers associated with a mobile phone).

RELATED: T-Mobile confirms 48M people hit by its data breach

Additionally, the carrier said Friday that 667,000 more accounts for former T-Mobile customers were breached, with hackers obtaining names, phone numbers, addresses and dates of birth.

The names of up to 52,000 current Metro by T-Mobile accounts may have also been exposed. Previously, only certain T-Mobile prepaid subscribers were compromised, including PINs – and the carrier said similar information from additional inactive prepaid accounts was also accessed. No information for former Sprint prepaid or Boost Mobile customers was accessed.

T-Mobile as of Friday had also determined additional data, including phone numbers, and IMEIS and IMSIs, was also illegally obtained for the 7.8 million postpaid accounts.  

RELATED: T-Mobile investigates reported customer data breach

It still looks as though no customer financial information, credit card, debit or payment information was involved in the breach.

Vice’s Motherboard reported on claims of a data breach over the weekend, after posts surfaced in an underground online forum purporting to sell personal customer data. The hacker claimed to have information related to 100 million people, stolen from T-Mobile servers.

T-Mobile began an investigation into validity of the claims and has maintained confidence that the access points hackers used in the cyberattack were closed off. Late Monday evening the carrier confirmed a breach but didn’t immediately know the scale or the nature of information taken.

RELATED: T-Mobile confirms unauthorized access to data, continues to investigate breach

In its 8-K filing, T-Mobile noted that the new figures are information it knows to date but expects the investigation “will continue for some time.” The FCC has said it will investigate the customer data breach. 

After the carrier determined earlier this week that data related to nearly 50 million people was involved, New Street Research analysts said they expected T-Mobile could face a fine of around $250 million.

In a Wednesday note to investors, New Street noted a drop in T-Mobile share value of about $5.3 billion on news of the breach.

The firm wrote “the loss of $5.3BN in value seems to imply that T-Mobile will have 1-2MM fewer customers as a result of the reputational damage inflicted by the breach.”

T-Mobile has seen multiple customer data breaches over the years, including 2018 and 2019, though the latest one appears to be the largest by far.

In 2015, T-Mobile found that personal information was stolen for 15 million people who applied for T-Mobile services when credit application vendor Experian’s systems were breached.