T-Mobile Says 6 Million More Customer Files Accessed in Data Breach

T-Mobile US Inc. said the hack of its user database exposed another 6 million customers’ details, bringing the total number of compromised user records to more than 54 million as the carrier continues to investigate the extent of the intrusion.

In an update Friday, the company said 5.3 million more current T-Mobile customers had their names, addresses, birth dates and phone numbers exposed, though their Social Security numbers or driver’s license details weren’t included. The company also identified another 667,000 former clients who had some personal information compromised.

T-Mobile also said the hack accessed IMEI and IMSI data—serial numbers tied to phones—from current customers. These phone records were taken from the 5.3 million customers as well as 7.8 million customers that T-Mobile had identified as victims earlier this week.

Security researchers said the phone-specific serial numbers, when paired with other personal information, could prove particularly damaging in the hands of criminals who use the data to commit fraud. Attackers with information about a person’s subscriber identity module, or SIM, can use the information to impersonate a victim and take over his or her phone line.