Iphone 11 Pro Mint Mobile HeroSource: Christine Romero-Chan / iMore

What you need to know

  • Carrier T-Mobile has confirmed that unauthorized access to data on its servers did occur.
  • The company hasn't confirmed that personal data was stolen during the attack.

Following the news that T-Mobile was the victim of a data breach that saw personal data appear on the black market, the carrier has now released a statement. That statement confirms that someone did have access to data that they shouldn't have, but T-Mobile isn't sure that any of it was personal.

Yesterday saw Vice report that it had seen data that was supposedly stolen during the attack, including "social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information."

T-Mobile isn't so sure.

We have been working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed. We take the protection of our customers very seriously and we are conducting an extensive analysis alongside digital forensic experts to understand the validity of these claims, and we are coordinating with law enforcement.

We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved. We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed. This investigation will take some time but we are working with the highest degree of urgency. Until we have completed this assessment we cannot confirm the reported number of records affected or the validity of statements made by others.

We understand that customers will have questions and concerns, and resolving those is critically important to us. Once we have a more complete and verified understanding of what occurred, we will proactively communicate with our customers and other stakeholders.

Both T-Mobile and the person who claims to have carried out the attack say that access to the servers has been revoked, so thinks should be fine from here on out. That doesn't mean that people won't be concerned about the information that could now be in the wild, however. T-Mobile says it will reach out to customers if and when it learns more.

T-Mobile has long been a popular option for people on the lookout for a great iPhone carrier. But security issues like this might give new customers cause for concern.