Network operator T-Mobile has confirmed that the data from as many as 15 million of its customer accounts has been affected by a data breach that has taken place on one of its corporate partner’s servers. Experian, which operates as one of the world’s largest credit monitoring outfit and works in partnership with companies like T-Mobile to process credit checks for new accounts, revealed the huge data breach last night, confirming that it took place on September 15.
According to T-Mobile Chief Executive John Legere, the stolen data was limited to those customers who had applied for a new account with the carrier and had subsequently been subject to a credit check to determine financial compatibility with the products or services applied for. It’s common practice for companies like T-Mobile, who are offering minimum term credit accounts, to utilize the services of Experian in order to determine the financial suitability of an applicant towards any T-Mobile contract.
The data that has been acquired as part of the breach is said to include sensitive information such as the name, date of birth, and address of the customers who went through the credit check. Perhaps more worryingly, encrypted social security numbers, driver’s license information, and passport numbers have also been breached. Luckily enough, no information related to credit cards or bank accounts have been compromised. As you might imagine, Legere is rightfully angry, but also concerned primarily for the data of his company’s customers:
Obviously I am incredibly angry about this data breach and will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. Take our customer and prospective customer privacy VERY seriously. This is no small issue for us. I do want to assure our customers that neither T-Mobile’s systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information.
The liberation of the user data from Experian’s servers is far from ideal for those who have been affected, but it’s great to see what appears to be a transparent, genuine and honest retort from T-Mobile on the subject, and let’s not forget, the carrier is not responsible for this breach. If you’re a T-Mobile customer who was subject to a credit check by the company between September 1 and September 16, and you feel you may have been affected by the breach, then you can sign up for two years of free credit monitoring and identity resolution services through Experian’s ProtectMyID scheme by heading over to protectmyid.com.
Additionally, you can also view the full official Experian press release on the subject.