T-Mobile disclosed a breach on March 5 2020 affecting approximately 200,000 customers. Attackers had accessed some T-Mobile employee email accounts containing customer proprietary network information (CPNI), including names, addresses, phone numbers, account numbers, rate plans, and features. The breach was detected on February 19 2020. No Social Security numbers, passwords, or financial data were exposed. This is a distinct and smaller incident from T-Mobile’s major breaches: the 2021 Binns breach (50M+ records via CVSS-scored API/brute force) and the 2023 API breach (37M records, tracked in DB as 2023-01_t-mobile-api). T-Mobile notified affected customers and the FCC.