T-Mobile Reveals Hack That Exposed Personal Information of Millions.
T-Mobile’s CEO John Legere is angry again and this time for very good reason. A hacker has snatched the highly personal records of some 15 million current and potential T-Mobile customers in the U.S.
The people affected didn’t use the service directly but lost data that they given to T-Mobile as part of credit checks, according to statements by both companies. The compromised data includes names, dates of birth, addresses, social security numbers and ID information.
Experian said that it would get in contact with people affected by the hack. It said that when it did it would offer them a two year subscription to the services that Experian provides to keep personal data safe.
“Although there is no evidence to-date that the data has been used inappropriately, Experian strongly encourages affected consumers to enroll in the complimentary identity resolution services,” Experian said in a statement.
Experian pointed out in its statement that the unit that had been hacked was “notably not its consumer credit bureau”. But the data that was lost was still consumer credit data.
The company didn’t say who was to blame for the attack, saying only that it “experienced an unauthorized acquisition of information from a server that contained data on behalf of one of its clients, T-Mobile”.
Experian holds data for a vast array of companies, from information used in small credit checks to documentation about huge loans. Many companies across America use the site as a way of storing and cross-referencing data.
T-Mobile’s comments seemed to largely put the blame on Experian for the attack.
“We have been notified by Experian, a vendor that processes our credit applications, that they have experienced a data breach,” wrote CEO John Legere.
“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy VERY seriously,” he wrote in a statement released soon after the hack was made public. “This is no small issue for us. I do want to assure our customers that neither T-Mobile’s systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information.”