ARS Technica reported that cell phone carrier T-Mobile had a web API bug that exposed customer data for a time but is now fixed. The bug was contained in the wsg.t-mobile.com API and it allowed users to pull customer data by entering the customer phone number as a parameter.
T-Mobile has stated that it has no evidence that customer accounts were affected by this and that the issue was quickly resolved, according to cnet.com.