Millions
of T-Mobile customers exposed in Experian breach
Send a link to a friend
[October 02, 2015]
By Jim Finkle
(Reuters) - Experian Plc <EXPN.L>, the
world's biggest consumer credit monitoring firm, on Thursday disclosed a
massive data breach that exposed sensitive personal data of some 15
million people who applied for service with T-Mobile US Inc <TMUS.N>.
|
Connecticut's attorney general said he will launch an
investigation into the breach.
Experian said it discovered the theft of the T-Mobile customer data
from one of its servers on Sept. 15. The computer stored information
about some 15 million people who had applied for service with
telecoms carrier T-Mobile during the prior two years, Experian said.
T-Mobile Chief Executive John Legere said the data included names,
addresses, birth dates, Social Security numbers, drivers license
numbers and passport numbers. Such information is coveted by
criminals for use in identity theft and other types of fraud.
"Obviously I am incredibly angry about this data breach and we will
institute a thorough review of our relationship with Experian,"
T-Mobile Chief Executive John Legere said in a note to customers
posted on the company's website. "But right now my top concern and
first focus is assisting any and all consumers affected."
(http://t-mo.co/1M4FSSd)
The Experian breach is the latest in a string of massive hacks that
have each claimed millions - and sometimes tens of millions - of
customer records, including the theft of personnel records from the
U.S. government this year, a 2014 breach on JPMorgan Chase <JPM.N>
and a 2013 attack on Target Corp's <TGT.N> cash register systems.
It is also the second massive breach linked to Experian. An attack
on an Experian subsidiary that began before Experian purchased it in
2012 exposed the Social Security numbers of 200 million Americans
and prompted an investigation by at least four states, including
Connecticut.
Experian on Thursday said it had launched an investigation into the
new breach and consulted with law enforcement.
The company offered two years of credit monitoring to all affected
individuals. People, however, said that they did not want credit
protection from a company that had been breached.
Legere responded by promising to seek alternatives.
"I hear you," he said on Twitter. "I am moving as fast as possible
to get an alternate option in place by tomorrow."
[to top of second column] |
Experian said the breach did not affect its vast consumer credit
database.
Legere said no payment card or banking information was taken.
T-Mobile had nearly 59 million customers as of June 30. A
representative for the carrier said that not all 15 million of the
affected applicants had opened accounts with T-Mobile.
The telecom carrier's shares were down 1.3 percent in extended
trading after closing little changed at $40.13 on the New York Stock
Exchange.
In the earlier data breach affecting Experian, a Vietnamese national
confessed in U.S. court last year to using a false identity to
opening an account with the unit, known as Court Ventures, sometime
before Experian purchased it in 2012.
A spokeswoman for Connecticut Attorney General George Jepsen said on
Thursday that it would investigate the latest attack.
The spokeswoman, Jaclyn Falkowski, declined to elaborate on the
T-Mobile incident, but said the investigations of the Court Ventures
matter "is active and ongoing."
(In 7th and 16th paragraphs, this version of the story corrects to
show that the previous Experian data breach began before Experian
purchased the company in 2012, not that it occurred in 2014.)
(Reporting by Jim Finkle; Additional reporting by Karen Friefeld and
Arathy Nair; Editing by Leslie Adler)
[© 2015 Thomson Reuters. All rights
reserved.]
Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
|