T-Mobile has announced its suffered from a data breach earlier this week. Though the problem was quickly contained, as many as 2 million customers might have had some of their personal information stolen in the hack. 

According to the No. 3 carrier in the U.S., the exploit occurred on Monday, Aug. 20 after hackers were able to exploit an internal API (application programming interface) on its servers that handled personal information.

T-Mobile told Motherboard the hack was likely done by an “international group” and affected 2 million people, which represented about 3 percent of the company’s customer base.

The following customer information was taken through the hack:

  • Name
  • Billing address
  • ZIP code
  • Phone number
  • Email address
  • Account number
  • Account type (prepaid or postpaid)

Luckily, the hackers didn’t receive passwords, credit card information, or social security numbers from customers.

Those affected are receiving a text message from T-Mobile that reads:

Hello—We ID’d & shut down an unauthorized capture of your info. No financial info/SSN taken but some personal info may have been. More: t-mo.co/security

Because passwords and sensitive financial data wasn’t included in the attack, there’s nothing customers need to do. For peace of mind, however, it might be wise to change your T-Mobile password.

For those with further questions, T-Mobile is directing users to its customer service department, which can be reached by dialing 611 on T-Mobile phones. Customers can also speak with a representative by using two-way messaging on MyT-Mobile.com, the T-Mobile App, or iMessage through Apple Business Chat.

Did you hear from T-Mobile about this issue? Did they provide any additional information?