Original Story: cnbc.com
Global information services group Experian announced Thursday that one of its business units had been hacked. The breach occurred on a server that contained data on behalf of one of its clients, T-Mobile.
The data includes personal information for a combination of about 15 million customers and applicants in the U.S. who at one point may have applied for T-Mobile service. The company said that the incident did not impact its own consumer credit database.
The data also included applicants requiring a credit check for service or device financing from Sept. 1, 2013 through Sept. 16, 2015, Experian North America said in a statement.
The ADRs of Ireland-headquartered Experian closed Thursday up nearly 1.7 percent to $16.38, while shares of T-Mobile were down more than 1 percent in extended trading.
In a letter to consumers, T-Mobile CEO John Legere said the following:
"Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy VERY seriously. This is no small issue for us. I do want to assure our customers that neither T-Mobile's systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information."
Legere also said that any customers concerned that they may have been impacted can sign up for two years of free credit monitoring and identity resolution services at Experian's "Protect My ID" program.
Experian said it took immediate action upon finding the breach: it secured the server, initiated a comprehensive investigation and notified U.S. and international law enforcement.
The data stolen included names, dates of birth, addresses and Social Security numbers. No payment card or banking information was acquired, the company said.
"We take privacy very seriously and we understand that this news is both stressful and frustrating. We sincerely apologize for the concern and stress that this event may cause," said Craig Boundy, CEO of Experian North America. "That is why we're taking steps to provide protection and support to those affected by this incident and will continue to coordinate with law enforcement during its investigation."