The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor.
A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees and customers.
“Our Cybersecurity team recently identified and shut down a malicious attack against our email vendor that led to unauthorized access to certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees.” reads the data breach notification.
The company has immediately launched an investigation with the help of leading forensics experts, it already reported the incident to federal law enforcement.
Exposed data included customer names and addresses, phone numbers, account numbers, rate plans and features, and billing information, fortunately, financial information (including credit card data) and Social Security number were not impacted.
T-Mobile confirmed that some of these accounts accessed by the hackers contained account information for its customers and employees.
The company declared that it is not aware of abuses of the exposed information.
“We are not aware of any evidence where the information contained in the affected email accounts has been used to commit fraud or otherwise misused.” continues the notice.
T-Mobile was able to identify the intrusion and shut down the unauthorized access.
At the time of writing the company did not provide details