T-Mobile US said investigation into a data breach revealed that hackers accessed data of an additional 5.3 million phone customers, bringing the total number of people to more than 53 million.
T-Mobile said in a regulatory filing on Friday that while the investigation was ongoing, it was confident that it had closed off the access.
The second largest U.S. wireless carrier – in terms of phone subscribers, earlier said that personal data of more than 40 million former and prospective customers was stolen along with data from 7.8 million existing T-Mobile wireless customers.
The U.S. Federal Communications Commission (FCC) has already started an investigation into the data breach, Reuters reported.
T-Mobile revealed it had identified 5.3 million additional wireless subscribers who were impacted by the breach as well as 667,000 more accounts of former customers.
The data includes addresses, dates of birth and phone numbers of customers, the company said, adding that it had no indication that the accessed data contained financial information such as credit card or other payment data.
Some T-Mobile customers sued the company for damages late Thursday night in Seattle federal court, saying in a proposed class action that the cyberattack violated their privacy and exposed them to a higher risk of fraud and identity theft.
In 2018, the company had informed about a potential security breach that could have affected about 3 percent of its 77 million customers.
T-Mobile has had 6 other data breaches in the past 4 years, said Doug Schmidt, a professor of computer science at Vanderbilt University.
“Their IT system is vulnerable since they haven’t been able to rectify their known security issues during this time period, which should be concerning to customers.”