Fred Kost, senior vice president at “cloud control” firm HyTrust, said the Experian data breach and theft of T-Mobile customer data demonstrates the risks of using a third party to hold sensitive data. But if you’ve applied for credit, the agencies could know more about your financial situation than your parents or spouse do.
Experian has already begun informing T-Mobile clients whose personal information may have been compromised and is even offering them free credit monitoring and identity restoration.
Experian said the breach did not affect its vast consumer credit database.
But Experian says the T-Mobile consumer data and its consumer credit database – the credit reports noted above – are housed on a separate server and those records were not exposed in the hack.
The main question is why Experian is holding on to customer data after they processed the credit application of that individual.
T-Mobile has to decide whether to allow a potential customer to open an account or to finance their newly purchased phone.
“I do want to assure our customers that neither T-Mobile’s systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information”.
The data can be basic information such as your address and birthdate. The users were advised to check their health records because NHS has “pseudonymised’ records set, which were known as the Hospital Episode Statistics database”.
The records that were stolen reportedly include information such as names, addresses, birthdates, social security numbers, and identification numbers for driver’s licenses and passports.
Experian says that although there is no evidence to-date that the data has been used inappropriately, it strongly encourages affected consumers to enrol in the complimentary identity resolution services.
The CFPB, which was created after the 2008 financial crisis, started regulating credit agencies in September 2012.
T-Mobile CEO John Legere released a statement regarding this breach on the T-mobile website, saying they have been informed by Experian that they experienced a data breech and that the hackers were able to obtain information about 15 million of its subscribers. Keep in mind these are only data breaches admitted to by Experian, as the actual number could be much higher.
“Experian differentiated between personally identifying information that was not stored encrypted, and credit card info which was stored encrypted – both were hacked”, he said.
“This is not a really legitimate tool anymore”, he said, instead suggesting the companies tell the people how to protect their information by freezing their credit.