Experian Data Breach Exposes 15 Million Users

Once again, we see another major data breach – this time it’s the credit-checking firm Experian who has been hacked, exposing the details of 15 million consumers who applied for T-Mobile USA postpaid services between Sept. 1, 2013 and Sept. 16, 2015.In an open and transparent letter to consumers, the T-Mobile CEO John Legere said:

“Whether it’s good news or bad, I’m going to be direct, transparent and honest. We have been notified by Experian, a vendor that processes our credit applications, that they have experienced a data breach. The investigation is ongoing, but what we know right now is that the hacker acquired the records of approximately 15 million people, including new applicants requiring a credit check for service or device financing from September 1, 2013 through September 16, 2015. These records include information such as name, address and birthdate as well as encrypted fields with Social Security number and ID number (such as driver’s license or passport number), and additional information used in T-Mobile’s own credit assessment. Experian has determined that this encryption may have been compromised. We are working with Experian to take protective steps for all of these consumers as quickly as possible.”

In a separate notification, Experian said the credit database was not accessed, and no payment card or banking information was obtained.

This is an extremely serious breach and Experian will suffer repetitional and brand damage, resulting in loss of revenue and real costs as they try to address the issue and possible fines!  As mentioned in our article on Information Governance  – Information forms a significant corporate asset and failing to manage it properly equates to squandering company value and throwing away your competitive advantage. For every digital solution you apply to an operational process, the result is data that needs to be managed!