T-Mobile announced it has suffered a data breach, exposing prepaid customers’ sensitive information to hackers.

T-Mobile has not said when the attack occurred, but they have confirmed that financial data was not compromised. That means that credit card and back account information, as well as social security numbers, were not impacted. The company also stated that no passwords were compromised.

“The data accessed was information associated with your prepaid service account, including name and billing address (if you provided one when you established your account), phone number, account number, rate plan and features, such as whether you added an international calling feature. Rate plan and features of your voice calling service are ‘customer proprietary network information’ (‘CPNI’) under FCC rules, which require we provide you notice of this incident.”

The company has not said how many customer accounts were exposed, although a spokesman did tell CNET that the number was a “very small single digit percentage of customers.”

T-Mobile says all affected customers have been, or shortly will be, notified. If customers have not received notification, it likely means they were not impacted.