While no customer financial information appears to have been exposed, the stolen personal information includes names, dates of birth, Social Security numbers and driver’s license numbers for “a subset of current and former postpay customers and prospective T-Mobile customers.”
The company is recommending that all T-Mobile postpaid customers preemptively change the PINs protecting their accounts, though it said it has no evidence those PINs have been compromised. Account PINs belonging to the 850,000 prepaid customers were compromised, however, and T-Mobile said it has unilaterally reset those PINs as a security precaution.
Customers of other T-Mobile prepaid brands including Metro, Boost and former Sprint prepaid customers have not had their PINs or names exposed, T-Mobile added.
T-Mobile said it will offer two years of free credit monitoring to affected customers.