Huge data breach hits T-Mobile after credit agency hacked
Hackers have stolen personal information belonging to about 15 million T-Mobile wireless customers and potential customers in the U.S., including Social Security numbers, home addresses, birthdates and other personal information.
In the latest high-profile breach, the hackers got the information from credit reporting agency Experian, which T-Mobile uses to check the credit of consumers applying for phone plans and financing for devices. Experian said T-Mobile customers who applied between Sept. 1, 2013 and Sept. 16, 2015 may have had their information stolen.
Experian said it immediately notified law enforcement authorities after discovering the hack and that "there is no evidence to date that the data has been used inappropriately."
That arrangement prompted sarcastic responses on Twitter. T-Mobile CEO John Legere, who is active on Twitter, responded to many tweeters unhappy with the resolution offered. "I hear you re: Experian as service protection option. I am moving as fast as possible to get an alternate option in place by tomorr
ow," Legere wrote Thursday evening.
Earlier in a statement, Legere had said that he was "incredibly angry" about the breach and that the company would review its relationship with Experian.
"Customers will be cynical" about using credit monitoring from Experian, said Gartner security analyst Avivah Litan. "Why would you trust someone with your accounts that's been breached."
Still, she said that customers can still use the service. But as an alternative, they could check their credit reports for free at www.annualcreditreport.com. The site lets consumers check each of their credit reports from the three credit rating agencies Equifax, Experian and TransUnion once a year.
The hack happened on Experian's server and is still being investigated, said Annie Garrigan, a spokeswoman for Bellevue, Washington-based T-Mobile. Experian said in a statement on its website that it doesn't know who was behind the hack and that it is taking "necessary steps" to prevent further breaches.
The companies said that payment card and banking information was not affected, but consumers shouldn't downplay the theft of Social Security numbers, said Eva Velasquez, the CEO of the nonprofit Identity Theft Resource Center. Payment cards can be canceled, ending the harm. But thieves can use someone's Social Security number to open new financial accounts and take out new loans for big-ticket items like cars and they can file a false tax return in your name.
Velasquez said that affected consumers should review their credit reports and sign up for a credit monitoring service and think about putting fraud alerts on their credit reports. They should also file tax returns as soon as they can, to beat a potential thief.
In the latest high-profile breach, the hackers got the information from credit reporting agency Experian, which T-Mobile uses to check the credit of consumers applying for phone plans and financing for devices. Experian said T-Mobile customers who applied between Sept. 1, 2013 and Sept. 16, 2015 may have had their information stolen.
Experian said it immediately notified law enforcement authorities after discovering the hack and that "there is no evidence to date that the data has been used inappropriately."
That arrangement prompted sarcastic responses on Twitter. T-Mobile CEO John Legere, who is active on Twitter, responded to many tweeters unhappy with the resolution offered. "I hear you re: Experian as service protection option. I am moving as fast as possible to get an alternate option in place by tomorr
ow," Legere wrote Thursday evening.
Earlier in a statement, Legere had said that he was "incredibly angry" about the breach and that the company would review its relationship with Experian.
"Customers will be cynical" about using credit monitoring from Experian, said Gartner security analyst Avivah Litan. "Why would you trust someone with your accounts that's been breached."
Still, she said that customers can still use the service. But as an alternative, they could check their credit reports for free at www.annualcreditreport.com. The site lets consumers check each of their credit reports from the three credit rating agencies Equifax, Experian and TransUnion once a year.
The hack happened on Experian's server and is still being investigated, said Annie Garrigan, a spokeswoman for Bellevue, Washington-based T-Mobile. Experian said in a statement on its website that it doesn't know who was behind the hack and that it is taking "necessary steps" to prevent further breaches.
The companies said that payment card and banking information was not affected, but consumers shouldn't downplay the theft of Social Security numbers, said Eva Velasquez, the CEO of the nonprofit Identity Theft Resource Center. Payment cards can be canceled, ending the harm. But thieves can use someone's Social Security number to open new financial accounts and take out new loans for big-ticket items like cars and they can file a false tax return in your name.
Velasquez said that affected consumers should review their credit reports and sign up for a credit monitoring service and think about putting fraud alerts on their credit reports. They should also file tax returns as soon as they can, to beat a potential thief.
Last Update: October 02, 2015 21:15