Skip to Content
t-mobile store with t-mobile phone in the foreground
© nikkimeel |
Security & privacy

37 million customers exposed in T-Mobile data breach

Hackers go after big companies for all the juicy customer data they can provide, and no organization is safe.

Just last month, DraftKings suffered a data breach. Here’s what to do if you have an account with the online sports betting service.

Being one of the “big three” wireless providers in the U.S. makes T-Mobile a prime target. Here’s what you need to know.

Note: T-Mobile is a sponsor of Kim’s national radio show.

The breach

On Jan. 5, T-Mobile identified a “bad actor” obtaining data through a single Application Programming Interface. An API is a set of rules that allow two applications to talk to each other and is often a target for hackers.

According to T-Mobile’s SEC filing, the API in question didn’t provide access to any customer payment card information, Social Security numbers, government-issued ID numbers, passwords/PINs or other financial account information. Rather, the hack exposed customer data that included names, billing addresses, email addresses, phone numbers, birthdays and T-Mobile account numbers and plan information.

The investigation revealed that some 37 million customer accounts were compromised, though many of them did not include the full data set.

T-Mobile believes that the breach began around Nov. 5, 2022. The company made an official announcement this week and has been informing affected customers.

Regarding the breach, T-Mobile says it “shut it down within 24 hours,” and that customer accounts and finances were spared.

RELATED: Norton customer breach: Were your passwords stolen?

What you can do

Even if your account wasn’t affected, it can’t hurt to change your T-Mobile login password. Her are some more tips to stay safe:

  • Change your passwords regularly – Do this at least once every few months. Tap or click here for tips to create stronger passwords.
  • Where available, always use two-factor authentication – This additional security measure makes it difficult for hackers to break into accounts without the security code sent to your phone or an authentication app. Tap or click here for more details on 2FA.
  • Antivirus is vital — Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at That’s over 85% off the regular price!

Keep reading

Is it safe to store financial documents and personal files in the cloud?

Block spam texts on your iPhone once and for all

Tech smarts in 2 minutes a day

Get my Daily Tech Update and the Digital Life Hack. Just one minute each and arm you with the tech knowledge you need to impress your boss and friends with how smart you are.