SAN FRANCISCO, Aug. 24 (Xinhua) -- U.S. wireless network operator T-Mobile has alerted its users of possible leak of their private information in a security breach discovered a few days ago.
The major U.S. telecom firm based in Washington state on the U.S. west coast said on its website that its "cyber-security team discovered and shut down an unauthorized access to certain information," including name, billing zip code, phone number, email address, account number and other sensitive data.
Tech news website Motherboard reported Friday that the compromised information includes users' "encrypted passwords," a claim contrary to a previous statement by T-Mobile on Thursday that "no passwords were compromised."
A T-Mobile spokesperson declined to specify how those passwords were encrypted, or what hashing algorithm was used, said the report.
Despite the breached information that also contains its customers' account number and account type (prepaid or postpaid), T-Mobile said no financial data including credit card information or social security numbers were illegally accessed and leaked.
An estimated 3 percent of its 77 million customers, roughly 2 million people, could have been affected in the incident.
T-Mobile said it "regretted" this incident and has put a number of safeguards in place to protect the personal information of its customers from unauthorized access.