Massachusetts Attorney General Maura Healey launched an investigation on Tuesday into a major data breach at T-Mobile that compromised the personal information of millions of its customers, officials said.
In a statement announcing the probe, Healey said she would determine whether the company had proper mechanisms in place to protect consumer and mobile device information.
In July, cyber hackers breached the wireless carrier’s databases, exposing sensitive information — including names, birthdays, social security numbers, addresses, and driver’s license information — for about 13.1 million of its customers and 40 million former and prospective customers, state officials said.
“My office is extremely concerned about how this data breach may have put the personal information of Massachusetts consumers at risk,” Healey said. “As we investigate to understand the full extent of what’s happened, we urge impacted consumers to take the necessary precautions to ensure their information is safe, and to prevent identity theft and fraud.”
Officials from T-Mobile did not return a request for comment on the investigation.
Mike Sievert, the chief executive of T-Mobile, said last month that he was “truly sorry” for the cyber breach, and that the incident was “humbling” for everyone at the company. “We didn’t live up to the expectations we have for ourselves to protect our customers,” he said. “Knowing that we failed to prevent this exposure is one of the hardest parts of this event.”
He said that the breach had been contained, and the investigation into it was “substantially complete.” Nearly every customer who had their data compromised has been notified, he added, confirming that no financial information — such as credit or debit card numbers — was accessed.
T-Mobile is offering affected customers two years of free identity protection, and suggests its customers reset their account pins and passwords. Consumers can access a hotline by dialing 611 from a T-Mobile phone or calling 1-800-937-8997.