T-Mobile has confirmed hackers breached its systems.
The cell giant, currently merging with Sprint, said in a statement that hackers customer stole names, billing zip codes, phone numbers, email addresses, account numbers, and account type — such as if an account was prepaid or postpaid — in what the company described as an “unauthorized capture of data.”
No customer financial or billing data was compromised, the company said.
It’s not known when the breach occurred but the unauthorized access was detected and shut down on Monday.
A T-Mobile spokesperson told TechCrunch that the breach was “discovered and stopped very quickly,” and “affected a small number” of customers. But Motherboard reported that a spokesperson said about 3 percent of the company’s 77 million users were affected — some 2 million accounts.
T-Mobile began notifying customers of the breach Friday morning with a text message sent to affected accounts. But that drew ire from some, who said the shortlink in the text message looked like phishing.
So @TMobile have been sending out a breach alert (a legit one) using a short URL and a number of people think it’s #phishing.
Techcrunch eventDisrupt 2026: The tech ecosystem, all in one room
Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $400.
Save up to $300 or 30% to TechCrunch Founder Summit
1,000+ founders and investors come together at TechCrunch Founder Summit 2026 for a full day focused on growth, execution, and real-world scaling. Learn from founders and investors who have shaped the industry. Connect with peers navigating similar growth stages. Walk away with tactics you can apply immediately
Offer ends March 13.San Francisco, CA | October 13-15, 2026Why? BECAUSE IT LOOKS LIKE PHISHING! https://t.co/5fZJxaKszd
— 𝐎𝐥𝐢𝐯𝐞𝐫 𝐇𝐨𝐮𝐠𝐡 ⛱ (@olihough86) August 24, 2018
This is the latest in a string of security incidents at T-Mobile in the past year.
In May, a security researcher found a security weakness in a T-Mobile subdomain used by staff, which returned customer data without requiring a password. It was similar to a vulnerability found in another T-Mobile system reported by Motherboard some months prior, which exposed customers’ email addresses, their billing account numbers, and the phone’s IMSI numbers.
T-Mobile and other carriers earlier this year were also forced to stop sharing customer location data with third-parties, after Democratic senator Ron Wyden criticized the cell giants for the practice.
