Some T-Mobile customers may be receiving a message in the coming days regarding a security incident which took place on August 20th. According to the notice received by some customers already, "certain information" including names, addresses, account numbers, and account types may have been accessed in the breach before unauthorized access was shut down. Affected customers will allegedly be contacted by SMS, phone, or mail (the last only for business and government accounts, or those with over 100 lines).
According to the full statement being sent to those unlucky enough to be included, more sensitive information like social security numbers and credit card details were not included in the breach. Passwords for T-Mobile accounts were also not compromised.
Information on the precise circumstances of the breach is sparse, though T-Mobile's acknowledgment of the event is admirably prompt. Even the T-Mobile subreddit, which is usually a fountain of useful information when it comes to the company's happenings, is lacking details. The volume of affected subscribers has not been provided, and there's no schedule on when those customers may be contacted, leaving all of us anxiously wondering if we were included.
While we wait for more information, concerned parties can peruse T-Mobile's statement in full and smooth their fears a little. Based on the information accessed, even subscribers included in the breach shouldn't have too much to worry about.
According to a comment by a T-Mobile employee on the Reddit post, only government, business, or accounts with 100+ lines will receive letters.