T-Mobile confirmed that attackers who breached its servers stole files containing the personal data of tens of millions of customers, of which about 7.8 million T-Mobile postpaid customers, 850,000 T-Mobile prepaid users and about 40 million former and future customers are affected.
While personal information was stolen during the breach, T-Mobile determined that stolen files do not contain phone numbers, account numbers, PINs, passwords, or financial information belonging to current or prospective T-Mobile customers.
The company warned all T-Mobile customers to be on the lookout for suspicious emails or text messages purporting to come from T-Mobile, and should they receive such messages, they should not click on embedded links, as attackers could use them to gain access to data.
T-Mobile also stated that it has already reset all PINs in the affected accounts to protect them from takeover attempts and that it is working to notify all affected customers.
For more information, read the original story in Bleeping Computer.