This time the damage appears to be much less severe – impacting limited number of mobile phone customers on its network, according to documents posted by The T-Mo Report.
There is no further detail about what exactly happened, with the documents simply saying that some info was leaked.
Affected customers fall into one of three categories. First, a customer may have only been affected by a leak of their customer proprietary network information (CPNI). This information may include the billing account name, phone numbers, number of lines on the account, account numbers, and rate plan info.
In the second category an affected customer might fall into is having their SIM swapped. This is where a malicious actor will change the physical SIM card associated with a phone number in order to obtain control of the number.
This can lead to the victim’s other online accounts being accessed via two-factor authentication codes sent to their phone number. The document said that customers affected by a SIM swap have now had that action reversed.
The final category is simply both of the other two. Affected customers could have had both their private CPNI viewed as well as their SIM card swapped.