15 million T-Mobile customers exposed in massive data breach

The breach is being investigated

Experian, which handles credit applications for T-Mobile, has experience a data breach that affects 15 million Americans.

In a press release, the company explained that an unidentified hacker accessed a server that contained the names, addresses, date of birth information and other information of anyone who applied for a credit check with T-Mobile to sign up for a new account or device with the Uncarrier between September 1, 2013 and September 16 of this year, regardless if they didn't end up signing up with them.

While the data breach didn't include any credit card or banking information, it did include files containing social security numbers and ID numbers from things like drivers licenses or passports, and though they were encrypted, the encryption may be compromised.

Experian is one of the top three credit reporting agencies in the country, alongside Equifax and TransUnion.

Uncarrier breached

Experian and T-Mobile have both said that an investigation is being conducted, with Experian contacting relevant law enforcement agencies as well as notifying those who may be affected.

Experian is also offering two years of credit monitoring and identity resolution services through ProtectMyID for those who have been affected, though it says "there is no evidence to-date that the data has been used inappropriately."

While T-Mobile's own network or systems were not hacked, CEO John Legere in an open letter said, "We are working with Experian to take protective steps for all of these consumers as quickly as possible."

"Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting and and all consumers affected," he said.

T-Mobile is inviting anyone with concerns to contact the Uncarrier, and has posted up a Q&A page about the breach, as has Experian.