Wireless carrier T-Mobile recently discovered a data breach that allowed hackers to access the personal information of more than one million customers, the company recently announced. The breach exposed the personal data of customers with prepaid wireless accounts in which they paid a predetermined fee ahead of time for their wireless usage.

According to T-Mobile, cybersecurity officials discovered an unauthorized, malicious third party had access to the customer account information of many prepaid wireless customers. The exposed data included names, billing addresses, phone numbers, account numbers, service rates and plan features. No financial data or payment card information, Social Security numbers or passwords were compromised.

T-Mobile did not disclose the extent of the breach or how long the data was exposed, nor did they provide actual numbers on how many customers were potentially impacted. A T-Mobile representative told reporters the breach affected less than 1.5% of the company’s about 75 million customers, which could mean more than one million customers had their personal data stolen.

Unauthorized access to the data was promptly shut down and law enforcement was notified, company officials said. T-Mobile employees notified affected customers and advised them to update the PIN number on their T-Mobile account. Customers who did not receive a notification were not affected, according to the company.

T-Mobile officials stated they are continuously working on improving security to protect customer data and stay ahead of malware attacks. Officials said they have many safeguards in place to protect personal information. However, they conceded that no company is immune to criminal attacks.

In August 2018, T-Mobile reported a similar data breach that may have exposed the data of more than two million customers. The latest hack comes on the heels of T-Mobile CEO John Legere announcing his impending resignation as the company attempts to complete a merger with Sprint.