T-Mobile has revealed a new data leak after attackers stole the confidential account information of 37 million customers through one of the APIs.

As T-Mobile managed to find out, hackers started stealing data on November 25, 2022. After detecting malicious activity on January 5, 2023, the operator disabled the attacker's access to the vulnerable API.

The company explained that the API involved in the incident did not give attackers access to customers' driver's licenses, social security numbers, tax ids, passwords, PIN codes, payment information (PCI) or other financial information.

The vulnerable API allowed hackers to extract customer account data, including name, billing address, email address, phone number, date of birth, T-Mobile account number and tariff plan functionality.

The preliminary result of the investigation indicates that the attackers managed to collect to varying degrees a limited set of personal data of 37 million customers with post-payment and prepayment.

Currently, the malicious activity is completely localized, there is no evidence that an attacker was able to hack or compromise T-Mobile systems or network.

T-Mobile has notified the competent authorities about the incident and is actively working with law enforcement authorities to investigate the violation.

In general, when it comes to large technological IT giants, you should not rely on the fact that a projectile does not fall into one funnel twice.

Since 2018, T-Mobile has been involved in seven serious cyber incidents.

The last to visit the operator's network in April 2022 was Lapsus$, using compromised credentials.