Hackers have stolen personal data relating to more than 15 million T-Mobile customers in the US, after targeting a credit agency that works with the phone operator.
T-Mobile has confirmed the information stolen includes names, addresses, dates of birth and social security numbers of millions of customers, and came after Experian, the firm that processes T-Mobile’s credit applications, revealed it had been breached by hackers.
The phone operator’s chief John Legere said that any customers who had joined or attempted to join T-Mobile between September 1 2013 and September 16 2015 could be affected by the attack.
“We are working with Experian to take protective steps for all of these consumers as quickly as possible,” he said in a statement.
“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected. I take our customer and prospective customer privacy very seriously.”
In response to the attack, Legere said that Experian was also taking “aggressive” steps to improve the security of its servers, and confirmed that T-Mobile would give anyone affected free credit monitoring service for two years.
In its own statement, Experian chief executive Craig Boundy said: “We take privacy very seriously and we understand that this news is both stressful and frustrating. We sincerely apologise for the concern and stress that this event may cause.
“That is why we’re taking steps to provide protection and support to those affected by this incident and will continue to coordinate with law enforcement during its investigation.”
No one has yet claimed responsibility for the breach, which is the latest in a string of high-profile cyber attacks following hacks on Sony Pictures, eBay and adultery website Ashley Madison in the last two years.