Experian today announced that one of its business units experienced a serious data breach, with hackers acquiring personal information for approximately 15 million T-Mobile users, as T-Mobile was the Experian client that was affected by the hack.
While credit card information was not obtained, data acquired from T-Mobile includes names, dates of birth, addresses, and Social Security numbers. In some cases, ID like a drivers' license or passport number was acquired, in addition to other information T-Mobile uses for credit assessments.
Consumers who applied for T-Mobile postpaid services between September 1, 2013 and September 16, 2015 were affected. Experian is notifying T-Mobile customers whose data was obtained and offering them two years of credit monitoring and identity protection through ProtectMyID.
T-Mobile CEO John Legere has penned a letter to customers about the breach and on Twitter, Legere says T-Mobile is looking into alternate service protection options that will be implemented shortly.
Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy VERY seriously. This is no small issue for us. I do want to assure our customers that neither T-Mobile's systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information.
According to Experian, steps have been taken to prevent additional attacks, and there has been no evidence thus far that the data "has been used inappropriately."