T-Mobile has revealed further information about the recent cybersecurity attack. Aside from the earlier 48 million victims, there are another 5.3 million existing T-Mobile postpaid customers that have been found to be part of the hack. 

The newly discovered victims had their customer names, addresses, birthdays, phone numbers, IMEIs and IMSIs illegally accessed by the hackers. Unlike the first report, these accounts did not have their SSNs or driver’s license/ID information stolen. 

The new information also reveals another 667,000 former T-Mobile subscribers that have been included in the attack. The information stolen from them include their customer names, addresses, birthdays, phone numbers, IMEIs and IMSIs. 

It was formerly reported that Metro by T-Mobile subscribers were safe from the hack. But now, it looks like 52,000 Metro by T-Mobile customers have been included in the attack. 

Former Sprint prepaid and Boost Mobile customers remain to be in the clear. 

In total, these are the victims of the hack:

• 40,667,000 former or prospective T-Mobile customers
• 13,100,000 existing T-Mobile postpaid customers
• 850,000 existing T-Mobile Prepaid customers
• 52,000 Metro by T-Mobile customers

The Federal Communications Commission (FCC) has announced that it will be launching its own investigation. At least one class-action lawsuit has already been filed against T-Mobile, saying that its response and promise of a two-year identity protection service remains “inadequate” at this time. 

Source: T-Mobile