funsec mailing list archives
T-Mobile admits up to 15 million users affected by Experian data breach
From: Jeffrey Walton <noloader () gmail com>
Date: Sat, 3 Oct 2015 16:29:49 -0400
Its kind of convenient when Experian contributes to the disease, and then sells the cure. They are creating their own market through negligence and allowed to profit from it.... http://www.v3.co.uk/v3-uk/news/2428737/t-mobile-admits-up-to-15-million-users-affected-by-experian-data-breach US mobile carrier T-Mobile has admitted that up to 15 million customer records have been compromised following a breach of data at its credit monitoring vendor Experian. The breach, which affects consumers who applied for T-Mobile services between 1 September 2013 and 16 September 2015, resulted in the exposure of names, addresses and birth dates, along with Social Security, driving licence and passport numbers. The data loss has been blamed on compromised encryption, and was discovered on 15 September. It is now being investigated by federal and international law enforcement. John Legere, T-Mobile US chief executive, said he is "incredibly angry" about the significant loss of data. "We will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy very seriously. This is no small issue for us," he said. "I do want to assure our customers that neither T-Mobile's systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information." Legere added that the 15 million affected people are not all T-Mobile users, stressing that the total figure is made up of credit applicants and not just direct customers. Experian, which has taken full responsibility for the breach, warned that the stolen data may lead to an increased risk of identity theft. "Although we have no evidence suggesting your personal information has been misused, we take our obligation to help you protect your information very seriously, and deeply regret that this has happened," the firm said. "We encourage all eligible consumers to enrol in the complimentary identity resolution services we have offered." Craig Boundy, chief executive of Experian North America, said that his firm takes data privacy "very seriously". "We sincerely apologise for the concern and stress that this event may cause. That is why we're taking steps to provide protection and support to those affected by this incident and will continue to coordinate with law enforcement during its investigation," he said. The breach is the latest in a long line of cyber attacks against high-profile targets, including the US Office of Personnel Management, United Airlines and a significant breach in 2014 at banking giant JP Morgan. Legere has indicated that T-Mobile will look for an "alternative option" for customers who do not want to use Experian in the future. _______________________________________________ NOTE: As of July 10, the mailing list address HAS CHANGED from @linuxbox.org TO @lists.linuxbox.org. Please use the new address in all mail to the list. _______________________________________________ Fun and Misc security discussion for OT posts. http://lists.linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- T-Mobile admits up to 15 million users affected by Experian data breach Jeffrey Walton (Oct 03)