Experian, which processes credit applications on behalf of T-Mobile, has publicly disclosed a security breach detected on Sept 15th, which may affect millions of T-Mobile's customers. The data breach affected a server that contained personal information for consumers who applied for T-Mobile USA postpaid services between Sept. 1, 2013 and Sept. 16, 2015.
While no payment card information or banking information was exposed during the breach, the information that was accessible may put millions of individuals at increased risk of identity theft. The server stored records containing names, addresses, social security number, date of birth, ID information (drivers license, passport numbers etc.) and other information used for T-Mobile's credit assessment.
While the social security numbers and I.D. information was encrypted on the server, Experian has determined that the encryption may have been compromised.
Experian has notified federal and international law enforcement agencies of the hack and is cooperating with the investigation. It is also notifying the individuals who may have been affected and is offering free credit monitoring and identity resolution services for two years through ProtectMyID.
The service provides a credit report from Experian upon enrollment, credit monitoring from all three nationwide credit reporting agencies, internet scans, access to specialized fraud resolution agents and more.
Affected individuals can find more information at www.ProtectMyID.com/SecurityIncident
T-Mobile Chief Executive is Incredibly Angry
As you can imagine, T-Mobile is not impressed with Experian at this present moment, enough so that T-Mobile CEO John Legere says the carrier will institute a thorough review of its relationship with Experian.
"Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected," Legere wrote.
"I take our customer and prospective customer privacy VERY seriously. This is no small issue for us. I do want to assure our customers that neither T-Mobile's systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information."
Sources & Recommended Reading:
Overview: Unauthorized Acquisition of Personal Information: www.experian.com
Experian Press Release: www.prnewswire.com
T-Mobile CEO on Experian's Data Breach: www.t-mobile.com
Written by: James Delahunty @ 2 Oct 2015 12:21