T-Mobile US Incorporated says an ongoing investigation into a data breach has revealed that hackers accessed personal information of an additional 5.3 million customers, bringing the total number of people affected to more than 53 million.
The third-largest U.S. wireless carrier said earlier this week that personal data of more than 40 million former and prospective customers was stolen along with data from 7.8 million existing T-Mobile wireless customers.
In its latest update, which comes days after the U.S. Federal Communications Commission (FCC) opened an investigation into the breach, T-Mobile revealed it had identified 5.3 million additional current wireless subscribers who were impacted by the breach as well as 667,000 more accounts of former customers.
The data includes addresses, dates of birth and phone numbers of customers, the company said, adding that it had no indication that the accessed data contained financial information such as credit card or other payment data.
The wireless carrier is the latest victim of a series of cyberattacks on large corporations in the United States as hackers exploit weakened user system privacy and security due to work-from-home policies instituted since the onset of the coronavirus pandemic.
“Our investigation is ongoing and will continue for some time, but at this point, we are confident that we have closed off the access,” T-Mobile said in a regulatory filing.
Some T-Mobile customers sued the company for damages late Thursday night in Seattle federal court, saying in a proposed class action that the cyberattack violated their privacy and exposed them to a higher risk of fraud and identity theft.
T-Mobile has offered antivirus maker McAfee’s identity protection services free for two years to anyone who believes their data was breached.