Why credit bureau Experian has data on T-Mobile customers

October 3, 2015 byKen Sweet

In the latest high-profile breach of a U.S. organization, hackers broke into Experian's database of information on 15 million T-Mobile customers and potential customers. But what is Experian, and why does the credit bureau keep data on a wireless carrier's customers?

Here's a Q&A about what happened at Experian and what could happen next.


If you've applied for a card, mortgage, student loan or any financial product in the last three decades, Experian likely has some sort of data on you. The Consumer Financial Protection Bureau estimates Experian, Equifax and TransUnion hold records on more than 200 million Americans.

The data can be basic like your address and birthdate. But if you've applied for credit, the agencies could know more about your financial situation than your parents or spouse do. They'll have your Social Security number, all of the banks you have credit card accounts with, the limit on those cards and if you pay them down regularly. They can know your work history, if you've had any collections or court judgments against you or if you've ever defaulted on a loan.


Banks and other lenders need to know whether you're a good borrower and pay your debts and would prefer to gather that information quickly and relatively cheaply. Credit agencies provide a storehouse of data that lenders can pull to make credit decisions. In turn, those lenders report their data back to the agencies so other lenders to have access to more data.

This ongoing database becomes known as a person's credit report. The data can be further processed into what's known as a credit score, which is a way of boiling down years of financial information into a "grade" that banks can look at to decide whether to lend to you or not.


T-Mobile has to decide whether to allow a potential customer to open an account or to finance their newly purchased phone. Anyone applying for cell service, with some exceptions like a prepaid phone, needs to get a credit check before T-Mobile or other carriers approve service.

T-Mobile, which contracted out the credit check to Experian, says applicants from between September 1, 2013 and September 16, 2015 were affected.


Names, addresses, Social Security numbers, birthdates and driver's license numbers.

But Experian says the T-Mobile consumer data and its consumer credit —the credit reports noted above—are housed on a separate server and those records were not exposed in the hack.

T-Mobile said affected consumers can sign up for two free years of credit monitoring services at www.protectmyID.com/securityincident, a service owned by Experian.

The offering of an Experian monitoring service led to protests on Twitter, and T-Mobile may announce other options for its consumers to protect their data. CEO Legere said on Twitter that contracting out Experian was the fastest way to protect customers' data, but they are working on providing an alternative.


The federal regulator of Experian, TransUnion, Equifax and the other smaller credit agencies is the Consumer Financial Protection Bureau.

The CFPB, which was created after the 2008 financial crisis, started regulating credit agencies in September 2012. It was the first time a federal agency had weighed in on the industry.


It is too soon to tell. The CFPB, in a statement, said they "are concerned about the recent breach of consumer information" and will be monitoring the situation. Experian could face fines and possible increased regulatory scrutiny as well if it is found liable for how the breach occurred.

And T-Mobile could stop using Experian. In a letter to customers, T-Mobile CEO John Legere had said that he was "incredibly angry" about the breach and that the company would review its relationship with Experian.

Explore further: T-Mobile fury as hackers steal customer data from credit agency

Related Stories

You've been hacked ... do this right now

June 5, 2015

The entire U.S. federal workforce may be at risk after yet another intrusion from what security experts believe were hackers based in China. The Department of Homeland Security says that data from the Office of Personnel ...

Your info has been hacked. Now what do you do?

December 14, 2014

Criminals stole personal information from tens of millions of Americans in data breaches this past year. Of those affected, one in three may become victims of identity theft, according to research firm Javelin. Whether shopping, ...

Your info has been hacked. Here's what you should do

February 5, 2015

Hackers have stolen personal information from tens of millions of people with Anthem health insurance. The nation's second-largest health insurer, formerly known as WellPoint, said hackers stole Social Security numbers, names, ...

Recommended for you

Privacy becomes a selling point at tech show

January 7, 2019

Apple is not among the exhibitors at the 2019 Consumer Electronics Show, but that didn't prevent the iPhone maker from sending a message to attendees on a large billboard.

China's Huawei unveils chip for global big data market

January 7, 2019

Huawei Technologies Ltd. showed off a new processor chip for data centers and cloud computing Monday, expanding into new and growing markets despite Western warnings the company might be a security risk.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.