UnCool: 15M T-Mobile customers affected by Experian data breach that included Social Security numbers, more
T-Mobile has confirmed this evening that as many as 15 million of its customers have been affected by a data breach. As the company is quick to point out, however, the breach did not occur on its servers, but rather its creditÂ partner’s, Experian.
While Experian and T-Mobile both confirm that no credit card or banking information was compromised in the breach, a variety of other sensitive information was. Customer names, addresses, birthdates, Social Security numbers, and ID numbers were all leaked as part of the attack.
The attack affectsÂ approximately 15 million people who required a credit check when signingÂ up for device financing through T-Mobile. Perhaps most notably, however, the vulnerability was open for more than two years, from September 1, 2013 though September 16, 2015.
T-Mobile says that it is offering two years of free credit monitoring to anyone who fears they could have been affected by the breach. T-Mobile CEO John Legere wrote in an open letter on the carrier’s website that he is “incredibly angry about this data breach” and that T-Mobile will be reevaluating its relationship with Experian.
T-Mobile CEO on Experian’s Data Breach
Iâve always said that part of being the Un-carrier means telling it like it is. Whether itâs good news or bad, Iâm going to be direct, transparent and honest.
We have been notified by Experian, a vendor that processes our credit applications, that they have experienced a data breach. The investigation is ongoing, but what we know right now is that the hacker acquired the records of approximately 15 million people, including new applicants requiring a credit check for service or device financing fromÂ September 1, 2013 through September 16, 2015. These records include information such as name, address and birthdate as well as encrypted fields with Social Security number and ID number (such as driverâs license or passport number), and additional information used in T-Mobileâs own credit assessment. Experian has determined that this encryption may have been compromised. We are working with Experian to take protective steps forÂ allÂ of these consumers as quickly as possible.
Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assistingÂ any and allÂ consumers affected.Â I take our customer and prospective customer privacy VERY seriously.Â This is no small issue for us. I do want to assure our customers that neither T-Mobileâs systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information.
Experian has assured us that they have taken aggressive steps to improve the protection of their system and of our data.
AnyoneÂ concerned that they may have been impacted by Experianâs data breach can sign up for two years of FREE credit monitoring and identity resolution services atÂ www.protectmyID.com/securityincident.Â Additionally, Experian issued a press release that you can readÂ here, and you can view their Q&A atÂ Experian.com/T-MobileFacts.
T-Mobileâs team is also here and ready to help you in any way we can. We have posted our own Q&AÂ hereÂ to keep you as informed as possible throughout this issue.
At T-Mobile, privacy and security is of utmost importance, so I will stay very close to this issue and I will do everything possible to continue to earn your trust every day.
Filed under: Tech Industry Tagged: breach, carrier, Data, T-Mobile
Comments Off on UnCool: 15M T-Mobile customers affected by Experian data breach that included Social Security numbers, more