When new customers want to sign up with T-Mobile, they require a credit check to qualify for service and mobile-device financing. Those credit reviews are handled by Experian, one of the three big credit reporting agencies.
T-Mobile has announced that Experian has been hit with a major data breach, with hackers stealing the personal information of 15 million people who signed up with T-Mobile between Sept. 1, 2013 and Sept. 16, 2015.
The hacked records contained a consumer applicant’s name, address, Social Security number, date of birth, identification number (typically a driver’s license, military ID, or passport number) and additional information used in T- Mobile’s own credit assessment, Experian said. No payment card or banking information was obtained, the credit bureau added.
T-Mobile CEO John Legere said in a statement: “Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy VERY seriously.”
Experian, which gathers vast amounts of very personal information on all Americans, said hackers did not access other data beyond the T-Mobile customer files.
“This was an isolated incident of one server and one clients’ data,” Experian said in a public fact sheet.
It’s unclear what the hackers have done with the stolen T-Mobile data. Often, as previous data breaches demonstrate, the information is posted for sale on black-market sites. Hackers then created a searchable databases that make it easy for anyone to steal a consumer’s identity for a small price.
T-Mobile said that anyone concerned that they may have been impacted by Experian’s data breach can sign up for two years of free credit monitoring and identity resolution services at http://www.protectmyID.com/securityincident.