T-Mobile Admits Data Breach Which Exposed Prepaid Customer PII

Last updated September 17, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

If you have prepaid for a T-Mobile wireless internet plan, your personal data has been accessed by hackers. According to a security incident announcement from the American communications giant, someone managed to access their internal database, stealing the personal information belonging to their prepaid customers. T-Mobile clarifies that while this was a significant exposing incident, no financial data, passwords, or social security numbers were involved, so the spill wasn’t absolutely catastrophic. Still, affected customers are receiving notifications that urge them to update their PIN/passcode, as well as to set up additional protection for their accounts.

The information that was accessed includes the customer names, phone numbers, billing addresses (if provided), account numbers, rate plans, and active voice calling features. As this data is underpinned by “customer proprietary network information” under the FCC regulation, the company is obliged by law to notify all of the affected clients as well as to report the issue to the concerned data protection organizations. If you are a prepaid customer and you haven’t received a notification from T-Mobile, you should email them at “[email protected]” and ask about your case specifically just to be sure that you’re on the safe side. Alternatively, call “611” from your T-Mobile phone.

Of course, the telecommunications service provider promises to do everything in their power to prevent this from happening again in the future and points out that the safeguards they already have in place helped them protect their customers from a more severe exposure this time. However, it is important to point out that the same company suffered a data breach back in August 2018, which was attributed to website flaws, resulting in the exposure of the personal data of two million customers. That said, they should have taken more decisive steps in the development of a robust security system that won’t be easy to break into.

Our advice to you is that even if you haven’t received a notification from T-Mobile, and if you called them and assured you that you hadn’t been exposed, you should still update your PIN/passcode. In the following period of time, you should beware of unsolicited communications, phishing and scamming attempts. Finally, no matter what T-Mobile says, you should keep a close eye on your bank account activity and report any transactions that you don’t recognize to your card issuer immediately.

Have you received a notification from T-Mobile? What can you share with us? Let us know in the comments section down below, or join the discussion on our social media channels on Facebook and Twitter.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: