Millions of T-Mobile customers may have had their personal information exposed in a recently discovered data breach, according to a statement from CEO John J. Legere. Between September 2013 and September 2015, the records of any prospective applicants requiring credit checks from Experian for T-Mobile service or device financing were at risk. In a statement of their own, Experian assured consumers that the breach did not impact their massive consumer credit database and was isolated solely to T-Mobile accounts.
"Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian," Legere said in his statement. "Right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy VERY seriously. This is no small issue for us. I do want to assure our customers that neither T-Mobile’s systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information."
Experian, who is currently in the process of notifying impacted customers, backed up Legere's assertion that users' bank account information was not exposed or put at risk:
Upon discovery of the incident, Experian took immediate action, including securing the server, initiating a comprehensive investigation, and notifying U.S. and international law enforcement.
The data acquired included names, dates of birth, addresses, and Social Security numbers and/or an alternative form of ID like a drivers' license number, as well as additional information used in T-Mobile's own credit assessment. No payment card or banking information was acquired.
As you might have noticed, 2015 has been a busy year for breaches of this nature.