T-Mobile USA recently began notifying an undisclosed number of customers that their personal information, including names, addresses, Social Security numbers and/or driver's license numbers, was exposed when servers owned and managed by an unidentified T-Mobile supplier were hacked (h/t SC Magazine).
The breach was discovered in late November of 2013 -- it's not clear why it took the company more than a month to notify customers.
"Although we believe the primary goal of the access was to obtain credit card numbers (which were not included in the file), the information that was accessible could also potentially be misused," the company stated in the notification letter [PDF]. "Our supplier has taken immediate measures to secure the impacted servers."
All those affected are being offered one free year of access to Experian's ProtectMyID Elite credit monitoring and identity theft protection service, and are also being advised to place fraud alerts on their credit files.