T-Mobile CEO Mike Sievert announced on Friday that the telecommunication company is coordinating with law enforcement to conduct an investigation into a data breach involving a bad actor who "used brute force attacks and other methods" to access IT servers that included customer data.
"In short, this individual’s intent was to break in and steal data, and they succeeded,"
The data breach, first made public on August 17, is said to have compromised the information of some 50 million individuals.
Financial information, such as a credit card number stored payment information, were not accessed by the "bad actor" amid the breach, but some users may have had their social security number, name, address, date of birth and/or driver's license/ID information compromised.
"To say we are disappointed and frustrated that this happened is an understatement," Sievert's statement read. "Keeping our customers’ data safe is a responsibility we take incredibly seriously and preventing this type of event from happening has always been a top priority of ours. Unfortunately, this time we were not successful."
FireEye's Mandiant, a US-based cybersecurity firm, has been a part of the telecommunication company's forensic investigation team, but will now assume a larger role as part of a long-term partnership.
Consulting firm KPMG LLP has also entered into a partnership with T-Mobile, and the two will work in tandem to protect customers from future malicious cyber activity.
While a suspect has yet to be named by the telecommunications company, the Wall Street Journal published an article earlier this week reporting that John Binns, a 21-year-old American who relocated to Turkey, was behind the attack.
Binns told the publication very matter-of-factly that T-Mobile's "security is awful."