Experian, one of the biggest data collectors in the world, has announced its server has been hacked, affecting over 15 million T-Mobile customers.
Customers of the cellular provider T-Mobile who have applied for Experian credit checks may have had their credentials exposed. According to Experian, “those who applied for T-Mobile USA postpaid services or device financing from September 1, 2013, to September 16, 2015” are among the customers who are at risk of having their information compromised.
On Thursday T-Mobile revealed that an unapproved party has gained access to the T-Mobile data stored in an Experian server. Experian has stated that no other clients’ data has been accessed, likely meaning the breach is limited to T-Mobile customers.
Information from the hack includes names, addresses, and birthdays, as well as encrypted social security numbers, driver’s license ID numbers, and passport ID numbers. Although these numbers were encrypted, Experian stated that encryption may have been compromised as well. Fortunately for all parties involved, both Experian & T-Mobile have said that the hacked files did not include any credit card or banking information, but the information compromised could still be used for identity theft.
While both companies’ reputations will certainly be impacted by this breach, T-Mobile is adamant that Experian has taken full responsibility for this event. “Experian has taken full responsibility for the theft of data from its server. Our vendors are contractually obligated to abide by stringent privacy and security practices, and we are extremely disappointed that hackers could access the Experian network.”
This recent security breach isn’t the first Experian’s been linked to. In 2014, a Vietnamese identity theft attack on an Experian subsidiary exposed the social security numbers of over 200 million Americans. If you believe your information may have been compromised, Experian is offering free credit monitoring services.
With Experian’s business running solely by collecting data from millions of people around the world, it’s even more important for data collecting businesses like these to use best security practices to ensure compliance & data protection of its consumer’s credentials. The notion of security best practices have been established for a reason, and without them in place, breaches will continue to intensify and affect millions of people around the world. NNT’s Change Tracker Gen7 equips any organization with best in class Breach Detection & Prevention solutions like File Integrity Monitoring and Change & Configuration Management to help protect for consumers credentials and information from a possible data breach.
Read the full article on Wired