T-Mobile reported on Thursday that its network was hacked in late November and took the personal information of 37 million users.
According to the company, the breach was discovered on January 5.
The company stated that users’ passwords, PINs, credit card numbers, Social Security numbers, and other government-issued identifications were not among the data exposed to theft.
“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time,” T-Mobile said.
T-Mobile claimed to have notified unnamed law enforcement and federal officials.
In recent years, the company has been hacked on several occasions. However, it stated in its report that it didn’t anticipate the most recent breach to affect its business materially.
Neil Mack, a senior analyst for Moody’s Investors Service, said that the breach raises concerns about management’s cyber governance, which may alienate customers and draw the attention of the Federal Communications Commission and other regulators.
“While these cybersecurity breaches may not be systemic in nature, their frequency of occurrence at T-Mobile is an alarming outlier relative to telecom peers,” Mack said.