15 million T-Mobile customers have their data stolen

In an a letter to customers, T-Mobile CEO John Legere has responded to reports that 15 million customers have had their data stolen by hackers. The fault comes from Experian, “a vendor that processes our credit applications” states Legere. He goes on to explain that T-Mobile‘s systems seem to have escaped being breached and no payment information like credit card numbers or bank account information was among the stolen data. Hackers have gained data on anyone who has had a credit check run from September 1, 2013 until September 16, 2015.

[blockquote author=”John Legere, T-Mobile CEO”]”The investigation is ongoing, but what we know right now is that the hacker acquired the records of approximately 15 million people, including new applicants requiring a credit check for service or device financing from September 1, 2013 through September 16, 2015,”[/blockquote]

Included in the stolen data are names, addresses, and birth dates as well as encrypted fields with Social Security Numbers and ID numbers (such as driver’s license or passport numbers). According to Experian, it’s possible, that the encryption may be able to be broken. In response to the breach, Experian is offering two free years of credit monitoring and identity resolution services.

At least 15 million customers, the T-Mobile/Experian data breach is the third worst of 2015 following only Anthem (80 million) and The US Office of Personnel Management (21.5 million). Experian explains in a statement that a customer node was compromised but made sure to point out that its consumer credit bureau was unaffected. Experian notified both US and International authorities of the breach which happened two weeks ago and was discovered within two days of the initial intrusion.

“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy VERY seriously.” wrote Legere.

It’s still too early to predict the fallout from the situation but we’ll keep you updated as the story continues to unfold.

Source: T-Mobile, USA Today