There was a vulnerability found.
T-Mobile classified it as “critical,” patched the bug and gave the researcher a $5,000 reward.
Hackers accessed customers’ sensitive information such as email addresses, billing account numbers, and their IMSI, the phone’s standardized unique number that identifies subscribers.
They also hijacked their phone numbers and tried stealing money from their banking accounts linked to those numbers.
"id": "TMO18348622",
"linkid": "t-mobile",
"type": "Vulnerability",
"date": "02/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"