In a Form 8-K filing with the US Securities and Exchange Commission, T-Mobile said it identified a bad actor obtaining data through a single API without authorization on January 5, 2023. Within a day of detection, the carrier was able to track down the source of the activity and put…