T-Mobile US said hackers obtained data for 37 million customer accounts, though it did not include payment card information or personal identification numbers.
The wireless provider said it found the hack on January 5 and was able to track down the source and stop it in a day. The investigation is ongoing, but the culprit appears to have obtained the information through a single point of entry that serves customer data, and does not appear to have breached the company’s systems or networks.
“Based on our investigation to date, customer accounts and finances are not at immediate risk from this event,” T-Mobile said in a filing.
The company alerted law enforcement and began notifying customers who had access to the information. There may be “significant costs” associated with the incident, but T-Mobile does not expect at this time to have a material impact on operations.
Shares fell as much as 2% in extended trade at 4:26 pm in New York.
Learn how to navigate and strengthen trust in your business with The Trust Factor, a weekly newsletter that examines what leaders need to succeed. Log in here.