The personal details of 15 million T-Mobile US subscribers have been stolen following a data breach at Experian, which carries out credit checks on behalf of the operator.
Customer records including name, address and date of birth, have been illegally accessed. In addition, Experian believes encrypted data including social security number and ID number – such as driver’s licence or passport number – may have been compromised.
New postpaid customers whose credit rating was checked between 1 September and 16 September are particularly at risk.
"Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected," said T-Mobile US chief executive John Legere, in a statement.
He stressed that no payment card details were obtained by the hacker.
Experian said that to-date there is no evidence that T-Mobile subscriber data has been used inappropriately; however, it offered affected customers two years of free credit monitoring and identity protection from its ProtectMyID service.
"We take privacy very seriously and we understand that this news is both stressful and frustrating. We sincerely apologise for the concern and stress that this event may cause," said Craig Boundy, CEO of Experian North America, in a statement. "That is why we’re taking steps to provide protection and support to those affected by this incident and will continue to coordinate with law enforcement during its investigation."
