What happened
After a thorough investigation, we determined that a bad actor used a single Application Programming Interface (or API) to obtain limited types of information on a number of customer accounts on or around November 25, 2022 through January 5, 2023.
Our systems and policies prevented the most sensitive types of customer information from being accessed. Customer accounts and finances are not directly at risk by this event.
There is no evidence that the bad actor breached or compromised
T-Mobile's network or systems.
T-Mobile discovered the unauthorized activity on January 5, 2023. As soon as we identified the issue, we shut it down within 24 hours and an intensive investigation into the incident began.