Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

T-Mobile ‘Incredibly Angry’ Over Breach via Credit Bureau

T-Mobile’s chief executive has expressed outrage over a breach at a credit monitoring service that exposed private data from 15 million customers of the mobile carrier.

T-Mobile’s chief executive has expressed outrage over a breach at a credit monitoring service that exposed private data from 15 million customers of the mobile carrier.

CEO John Legere’s comments came after T-Mobile learned of the hack at Experian, a service used to evaluate applications from potential customers.

T-Mobile said the breach exposed the names, addresses and birthdates, as well as encrypted fields with social security numbers and other identification numbers such as those from driver’s licenses or passports.

“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected,” Legere said in a statement to customers Thursday.

“I take our customer and prospective customer privacy very seriously. This is no small issue for us. I do want to assure our customers that neither T-Mobile’s systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information.”

Experian said in its statement Thursday that on September 15 it “discovered an unauthorized party accessed T-Mobile data housed in an Experian server.”

Experian said it “notified appropriate federal and international law enforcement agencies and has taken additional security steps to help prevent future incident.”

Consumer activist group US PIRG said the breach was “completely outrageous since credit bureaus are subject to very high security standards.” It said that losing social security numbers, which can be used for identity theft, “makes this breach much worse.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Incident Response

Implementation of security automation can be overwhelming, and has remained a barrier to adoption