T-Mobile, Experian Hack: How You Can Minimize Your Risk - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Mobile & Wireless
11:05 AM
Eric Zeman
Eric Zeman

T-Mobile, Experian Hack: How You Can Minimize Your Risk

Here are a few steps T-Mobile customers can take to protect themselves in the wake of the Experian hack.

14 Security Fails That Cost Executives Their Jobs
14 Security Fails That Cost Executives Their Jobs
(Click image for larger view and slideshow.)

Experian, a credit processing vendor, was hacked this week and the bulk of data exposed belonged to T-Mobile and prospective T-Mobile customers. The hackers walked away with full identities, including names, addresses, birthdates, driver's license and passport numbers, and even social security numbers.

Here's what you can do to minimize the fallout.

First, it's important to note that T-Mobile itself was not hacked. T-Mobile's own servers and network were not compromised. T-Mobile has about 59 million subscribers. That means the bulk of T-Mobile's customers are safe. T-Mobile places all the blame on Experian, which took full responsibility.

"Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian," said T-Mobile CEO John Legere, "but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy very seriously. This is no small issue for us."

Experian is one of the three major credit-reporting bureaus in the country. It also processes credit applications, among other things.

(Image: wdstock/iStockphoto)

(Image: wdstock/iStockphoto)

T-Mobile used Experian to handle customer credit checks. The 15 million records accessed by the hackers belong to people who applied to be T-Mobile customers. Not all the applicants had the credit to actually become T-Mobile customers, so the 15 million total includes current customers and non-customers who applied for service between Sept. 1, 2013 and Sept. 16, 2015. (The law requires that credit application data be held a minimum of 25 months, which is why the records go back so far.)

If you have been a T-Mobile customer since before Aug. 31, 2013, your data is probably safe. Consumers who applied to become T-Mobile in the date range above definitely need to take action.

Experian said it will contact all those impacted by the breach. Don't wait for them to reach out. If you think your data might have been compromised, contact Experian right away. Sign up for credit monitoring and identity resolution services. T-Mobile and Experian are offering impacted customers two years of free coverage through ProtectMyID.com. This service will keep an eye on your credit and help you fix any issues that may arise as a result of the breach.

[Read about T-Mobile's deal for the iPhone 6s.]

Be sure to do your own monitoring. Pay attention to your bank statements, credit card bills, phone bills, and other monthly statements to be sure no surprises pop up. If you have any questions, or something odd appears, be sure to contact your credit card and other service providers immediately.

Experian said it is taking some corrective action, even if it is too late in this case. For example, it is ensuring Web application firewalls are working properly, enhancing encryption key security, limiting employee access to servers, increasing monitoring of the impacted servers/systems, and working with US and international law enforcement to chase the culprits.

Sadly, consumers are unable to do anything to prevent these types of hacks and exposures. All we can do is trust that companies are going to do the right thing when they happen. T-Mobile appears to be taking the issue seriously and has been proactive in reaching out to customers. Experian is taking steps to prevent similar attacks down the road and will help people affected by this particular event. Be sure to take advantage of all the help being offered.

If you have any concerns, T-Mobile has set up a FAQ to help provide some answers.

Eric is a freelance writer for InformationWeek specializing in mobile technologies. View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Li Tan
Li Tan,
User Rank: Ninja
10/4/2015 | 3:44:24 PM
Re: Do Your Own Monitoring..
Indeed we need to have more control to our own safety - SSN, financial information, personal data...There is no single silver-bullet for all security problems but as the information owner, we need to be on top of it.
User Rank: Apprentice
10/4/2015 | 4:33:36 AM
Do Your Own Monitoring..
...Defintiely a good piece of advice. Even with the best security measures, consumers couldn't have stopped this but they can now help themselves by monitoring their financial data and accounts. Something that a lot of people no longer do. 
User Rank: Ninja
10/4/2015 | 3:13:08 AM
interesting info and points, thank you, thanks for sharing... as technology changing rapidly...
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
Flash Poll