T-Mobile US and its unit Metro PCS have informed customers about a potential security breach that was discovered and shut down by the company.
The cyber security team found and shut down unauthorised access to certain information on 20 August, and reported the matter to authorities, T-Mobile said in a statement.
“Out of an abundance of caution, we wanted to let you know about an incident that we recently handled that may have impacted some of your personal information,” the statement read.
“We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorised access.
“We truly regret that this incident occurred and are so sorry for any inconvenience this has caused you.”
No financial data, social security numbers or passwords were compromised, but other personal information like name, email-id, phone number, zip code, account number or type (postpaid or prepaid) may have been exposed, the company said.
About three per cent of T-mobile's 77 million customers - around 2.3 million - could have been affected, a company spokesperson told technology news website Motherboard.
“All affected customers have been, or shortly will be, notified,” the statement added. “If you don’t receive a notification then that means your account was not among those impacted by this incident.”
T-Mobile did not respond to Reuters request for comment outside regular business hours.
(Reporting by Ishita Chigilli Palli in Bengaluru; Editing by Sunil Nair)