Experian says 15M have info stolen in hack of T-Mobile data (Update)

October 1, 2015 byTali Arbel And Joseph Pisani
Experian says info from 15 million T-Mobile customers hacked
In this Sept. 12, 2012 file photo, a man uses a cellphone as he passes a T-Mobile store in New York. Credit reporting agency Experian on Thursday, Oct. 1, 2015 said that hackers accessed the social security numbers, birthdates and other personal information belonging to about 15 million T-Mobile wireless customers. T-Mobile uses Experian to check the credit of its customers. (AP Photo/Mark Lennihan, File)

Hackers have stolen personal information belonging to about 15 million T-Mobile wireless customers and potential customers in the U.S., including Social Security numbers, home addresses, birthdates and other personal information.

In the latest high-profile breach, the hackers got the information from credit reporting agency Experian, which T-Mobile uses to check the credit of consumers applying for phone plans and financing for devices. Experian said T-Mobile customers who applied between Sept. 1, 2013 and Sept. 16, 2015 may have had their information stolen.

Experian said it immediately notified law enforcement authorities after discovering the hack and that "there is no evidence to date that the data has been used inappropriately."

T-Mobile customers can sign up for two free years of credit monitoring services at www.protectmyID.com/securityincident , a service owned by Experian.

That arrangement prompted sarcastic responses on Twitter. T-Mobile CEO John Legere, who is active on Twitter, responded to many tweeters unhappy with the resolution offered.

"I hear you re: Experian as service protection option. I am moving as fast as possible to get an alternate option in place by tomorrow," Legere wrote Thursday evening.

Earlier in a statement, Legere had said that he was "incredibly angry" about the breach and that the company would review its relationship with Experian.

"Customers will be cynical" about using credit monitoring from Experian, said Gartner security analyst Avivah Litan. "Why would you trust someone with your accounts that's been breached."

Still, she said that customers can still use the service. But as an alternative, they could check their credit reports for free at www.annualcreditreport.com. The site lets consumers check each of their credit reports from the three credit rating agencies— Equifax, Experian and TransUnion—once a year.

The hack happened on Experian's server and is still being investigated, said Annie Garrigan, a spokeswoman for Bellevue, Washington-based T-Mobile.

Experian said in a statement on its website that it doesn't know who was behind the hack and that it is taking "necessary steps" to prevent further breaches.

The company said that affected customers should "remain vigilant" against identity theft and watch for phishing email scams that ask for sensitive information such as bank account and Social Security numbers.

The companies said that payment card and banking information was not affected, but consumers shouldn't downplay the theft of Social Security numbers, said Eva Velasquez, the CEO of the nonprofit Identity Theft Resource Center.

"There are many more steps you have to take to minimize your risk when your Social Security number is compromised versus payment card data," she said.

Payment cards can be canceled, ending the harm. But thieves can use someone's Social Security number to open new financial accounts and take out new loans for big-ticket items like cars and they can file a false tax return in your name.

Velasquez said that affected consumers should review their credit reports and sign up for a credit monitoring service and think about putting fraud alerts on their credit reports. They should also file tax returns as soon as they can, to beat a potential thief.

There have been a string of high-profile hacks of businesses and other organizations in recent years affecting millions of people, including adultery website Ashley Madison, Sony Pictures, the insurer Anthem, retailers such as Home Depot and Target, eBay and the U.S. Office of Personnel Management.

Nearly 800 data breaches were reported last year by U.S. organizations, according to the Identity Theft Resource Center.

T-Mobile is now the No. 3 wireless carrier in the U.S., having surpassed Sprint this year. The company refers to itself as an "Un-carrier" because it changed some of the wireless industry's practices, like replacing the two-year service contract with monthly installment plans. Verizon and AT&T are the country's largest wireless carriers.

Explore further: Q&A: Ashley Madison hack only latest high-profile breach

Related Stories

Q&A: Ashley Madison hack only latest high-profile breach

August 20, 2015

The data breach affecting customers of the Ashley Madison website may be salacious, embarrassing or even ruinous for those involved. But it's only the latest, and not the biggest, high-profile breach of customer or employee ...

Your info has been hacked. Here's what you should do

February 5, 2015

Hackers have stolen personal information from tens of millions of people with Anthem health insurance. The nation's second-largest health insurer, formerly known as WellPoint, said hackers stole Social Security numbers, names, ...

You've been hacked ... do this right now

June 5, 2015

The entire U.S. federal workforce may be at risk after yet another intrusion from what security experts believe were hackers based in China. The Department of Homeland Security says that data from the Office of Personnel ...

Recommended for you

Meteorite source in asteroid belt not a single debris field

February 17, 2019

A new study published online in Meteoritics and Planetary Science finds that our most common meteorites, those known as L chondrites, come from at least two different debris fields in the asteroid belt. The belt contains ...

Diagnosing 'art acne' in Georgia O'Keeffe's paintings

February 17, 2019

Even Georgia O'Keeffe noticed the pin-sized blisters bubbling on the surface of her paintings. For decades, conservationists and scholars assumed these tiny protrusions were grains of sand, kicked up from the New Mexico desert ...

Archaeologists discover Incan tomb in Peru

February 16, 2019

Peruvian archaeologists discovered an Incan tomb in the north of the country where an elite member of the pre-Columbian empire was buried, one of the investigators announced Friday.

Where is the universe hiding its missing mass?

February 15, 2019

Astronomers have spent decades looking for something that sounds like it would be hard to miss: about a third of the "normal" matter in the Universe. New results from NASA's Chandra X-ray Observatory may have helped them ...

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

5 / 5 (1) Oct 01, 2015
Let's make credit agencies LIABLE for any damages to us!

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.