T-Mobile US said a hacker obtained data for 37 million customer accounts, though it didn’t include payment card information or personal identifying numbers.
The wireless provider said Thursday it discovered the hack on Jan. 5 and was able to trace the source and stop it within a day. The investigation is still ongoing, but the culprit appeared to obtain the information through a single entry point serving customer data, and doesn’t appear to have breached the company’s systems or network.
“Based on our investigation to date, customer accounts and finances were not put at risk directly by this event,” T-Mobile said in a filing.
The company alerted law enforcement and has begun notifying customers whose information may have been accessed. There may be “significant expenses” incurred in connection with the incident, but T-Mobile doesn’t expect at this time that it will have a material effect on its operations.
Shares slipped as much as 2% in extended trading at 4:26 p.m. in New York.
Learn how to navigate and strengthen trust in your business with The Trust Factor, a weekly newsletter examining what leaders need to succeed. Sign up here.