Experian Breach Exposes 15 Million T-Mobile Users
Consumer credit monitoring firm Experian on Thursday disclosed a data breach that exposed the personal data of 15 million potential T-Mobile customers.
That number includes people who applied for T-Mobile postpaid services or device financing between Sept. 1, 2013 and Sept. 16, 2015.
Stolen data contains names, dates of birth, addresses, and Social Security numbers and/or alternative ID (a driver’s license or passport number), as well as additional information used in T-Mobile’s own credit assessment process. No payment card or banking information was leaked.
“We take privacy very seriously and we understand that this news is both stressful and frustrating,” Experian North America CEO Craig Boundy said in a statement. “We sincerely apologize for the concern and stress that this event may cause.”
Experian is in the process of notifying affected customers, who will be compensated with two years of credit monitoring and identity resolution services from ProtectMyID. While there is no evidence (yet) that the stolen data has been used inappropriately, consumers are encouraged to enroll in the program.
T-Mobile is also working with Experian to take protective steps and keep subscribers in the know.
“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected,” CEO John Legere said.
“I take our customer and prospective customer privacy VERY seriously,” he continued. “This is no small issue for us. I do want to assure our customers that neither T-Mobile’s systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information.”
Consumers, beware: Experian and T-Mobile will not call or send a message asking for personal information in connection with this incident—so do not provide details to anyone who comes knocking.