While Experian handles the personal information of many Americans, the bureau said the hack, which was discovered on September 15, is only limited to T-Mobile customers.
T-Mobile said the breach exposed the names, addresses and birthdates, as well as encrypted fields with social security numbers and other identification numbers such as those from driver’s licenses or passports. “Give a fraudster your comprehensive personal information, they can steal your identity and take out lines of credit that destroy your finances for years to come”.
In a letter to customers, T-Mobile CEO John Legere had said that he was “incredibly angry” about the breach and that the company would review its relationship with Experian.
Both T-Mobile and Experian are already working to protect the consumers and their data.
Upon discovery of the incident, Experian took immediate action, including securing the server, initiating a comprehensive investigation, and notifying US and global law enforcement. No payment card or banking information was leaked. The company said its consumer-credit-database, which holds records on tens of millions of Americans, wasn’t affected.
Experian is informing those affected by email, offering them free credit monitoring and identity resolution services for two years.
T-Mobile is the third biggest wireless carrier in the U.S., behind Verizon and AT&T. “We sincerely apologise for the concern and stress that this event may cause”, said Craig Boundy, CEO of Experian North America, in a statement.
While no evidence has been found yet that data that was stolen has been used in an inappropriate manner, consumers are being encouraged to enroll in that program. This is no small issue for us.
Word on the second option arrived late Friday afternoon, when the company confirmed that CSID will provide services for those who want to snub Experian.
T-Mobile’s comments seemed to largely put the blame on Experian for the attack.