Experian claims the hack did not include any payment or banking information and that the hack did not breach any T-Mobile United States housed data. Experian said it will notify customers whose personal information was affected, and will offer them two years of free credit monitoring services.
T-Mobile customers who applied for wireless service between September 1, 2013 and September 16, 2015 might have had their information stolen according to Experian.
Experian immediately notified law enforcement upon discovery of the data breach, secured its server and is offering credit protection resources to consumers.
“T-Mobile uses Experian to check out the credit ratings of potential customers”. Similarly, Experian’s consumer credit database was not part of the hack.
Included in the stolen data are names, addresses, and birth dates as well as encrypted fields with Social Security Numbers and ID numbers (such as driver’s license or passport numbers). Most recently, that trend was seen in targeted attacks on health insurance companies that hold vast amounts of sensitive healthcare data, including Excellus, CareFirst, Anthem and Premera. Additionally, Experian said, “Although there is no evidence to-date that the data has been used inappropriately, Experian strongly encourages affected consumers to enroll in the complimentary identity resolution services”.
That did not sit well with a few of T-Mobile US’s customers, who feared that the company that just lost their personal details couldn’t be trusted to also monitor that same data for misuse.
“We take privacy very seriously and we understand that this new is both stressful and frustrating”, Experian North America CEO Craig Boundy said in a press release.
Connecticut’s attorney general said he will launch an investigation into the breach.
T-Mobile boss John Legere said he was “extremely angry” about the breach, in a letter to customers posted on the firm’s website. This is no small issue for us.