T-Mobile US said on Friday an ongoing investigation into a data breach revealed that hackers accessed personal information of an additional 5.3 million customers, bringing the total number of people affected to more than 53 million.
The third-largest US wireless carrier had earlier this week said that personal data of more than 40 million former and prospective customers was stolen along with data from 7.8 million existing T-Mobile wireless customers.
In its latest update, which comes days after the US Federal Communications Commission (FCC) opened an investigation into the breach, T-Mobile revealed it had identified 5.3 million additional wireless subscribers who were impacted by the breach as well as 667,000 more accounts of former customers.
The data includes addresses, dates of birth, and phone numbers of customers, the company said, adding that it had no indication that the accessed data contained financial information such as credit card or other payment data.
Some T-Mobile customers sued the company for damages late Thursday night in Seattle federal court, saying in a proposed class action that the cyberattack violated their privacy and exposed them to a higher risk of fraud and identity theft.
The wireless carrier is the latest victim of cyberattacks on large corporations in the United States as hackers exploit weakened user system privacy and security due to work-from-home policies instituted since the onset of the coronavirus pandemic.
In 2018, the company had informed about a potential security breach that could have affected about 3 percent of its 77 million customers.
“T-mobile has had 6 other data breaches in the past 4 years,” said Doug Schmidt, a professor of computer science at Vanderbilt University.
“It appears that their IT system is particularly vulnerable since they haven’t been able to rectify their known security issues during this time period, which should be concerning to customers.”
T-Mobile said in a regulatory filing on Friday that while the investigation was ongoing, it was confident that it had “closed off the access.”