T-Mobile says data breach at Experian unit may have hit 15 million customers
Userlevel 7
+3
T-Mobile US Inc said about 15 million of its U.S. subscribers may have been affected in a data breach at a unit of Experian Plc, a company that processes the telecom carrier's credit applications.
The hacked data included names, dates of birth, addresses, and Social Security numbers as well as additional information used in T-Mobile's own credit assessment.
http://www.reuters.com/article/2015/10/01/us-tmobile-dataprotection-idUSKCN0RV5PL20151001
http://www.nasdaq.com/article/experian-data-breach-may-affect-15-million-consumersupdate-20151001-01405
Experian PLC said a data breach may have compromised the personal information of roughly 15 million consumers in the U.S., including those who had applied for T-Mobile US Inc. subscription services or devices over two years through Sept. 16.
http://www.t-mobile.com/landing/experian-data-breach
Userlevel 7
I have a T Mobile Phone however its pay as you go, so I have not supplies any information to the company which is a plus in my opinion.
Userlevel 7
+56
Here's the website to sign up for your two years of credit monitoring:
http://www.protectmyid.com/default.aspx
I'm in the affected group, as I switched to T-mobile in 2014. Sigh.
http://www.protectmyid.com/default.aspx
I'm in the affected group, as I switched to T-mobile in 2014. Sigh.
Userlevel 7
+54
An article from Brian Krebs about the breach. The name which jumps out at me in this parargraph I have pasted is Ngo, he has been named in quite a few articles I have posted here in the 2 years I have been posting.
2nd October 2015
During the time that ID theft service was in operation, customers of Ngo’s service had access to more than 200 million consumer records. Experian didn’t detect Ngo’s activity until it was notified by federal investigators that Ngo was an ID thief posing as a private investigator based in the United States. The data broker failed to detect the anomalous activity even though Ngo’s monthly payments for consumer data lookups his hundreds of customers conducted each month came via wire transfers from a bank in Singapore.
Full Article
2nd October 2015
During the time that ID theft service was in operation, customers of Ngo’s service had access to more than 200 million consumer records. Experian didn’t detect Ngo’s activity until it was notified by federal investigators that Ngo was an ID thief posing as a private investigator based in the United States. The data broker failed to detect the anomalous activity even though Ngo’s monthly payments for consumer data lookups his hundreds of customers conducted each month came via wire transfers from a bank in Singapore.
Full Article
Userlevel 7
+54
Mark Sullivan October 3, 2015
http://vbstatic.co/brand/img/logos/logo-placeholder-160x160.jpg
T-Mobile data stolen from the servers of credit bureau Experian is already showing up for sale on the dark web, says one security firm.
The Irish fraud prevention startup Trustev, which monitors such data sales listings, sent VentureBeat screen shots of listings of data it believes originated from the Experian theft, which was reported Thursday.
Full Article
http://vbstatic.co/brand/img/logos/logo-placeholder-160x160.jpg
T-Mobile data stolen from the servers of credit bureau Experian is already showing up for sale on the dark web, says one security firm.
The Irish fraud prevention startup Trustev, which monitors such data sales listings, sent VentureBeat screen shots of listings of data it believes originated from the Experian theft, which was reported Thursday.
Full Article
Userlevel 7
Thanks for the heads up on this issue Jasper, looks like they are not wasting anytime on selling this data.
Userlevel 7
+54
8th October 2015
http://krebsonsecurity.com/wp-content/uploads/2015/10/expoffices.png
Experian’s offices in Nottingham, UK. Source: Wikipedia.
“What the board of directors at Experian wanted security-wise and the security capabilities on the ground were two completely different things,” Tate said. “Senior leadership there said they were pursuing a very aggressive growth-by-acquisition campaign. The acquisition team would have a very strict protocol on how they assess whether a business may be viable to buy, but the subsequent integration of the business into our core security architecture was just a black box of magic in terms of how it was to be implemented. And I’m not saying successful magic at all.”
Another recent former security employee at Experian who agreed to talk on condition of anonymity said it was clear that the company’s board was not well-informed about the true state of security within the company’s various business units.
Full Article
http://krebsonsecurity.com/wp-content/uploads/2015/10/expoffices.png
Experian’s offices in Nottingham, UK. Source: Wikipedia.
“What the board of directors at Experian wanted security-wise and the security capabilities on the ground were two completely different things,” Tate said. “Senior leadership there said they were pursuing a very aggressive growth-by-acquisition campaign. The acquisition team would have a very strict protocol on how they assess whether a business may be viable to buy, but the subsequent integration of the business into our core security architecture was just a black box of magic in terms of how it was to be implemented. And I’m not saying successful magic at all.”
Another recent former security employee at Experian who agreed to talk on condition of anonymity said it was clear that the company’s board was not well-informed about the true state of security within the company’s various business units.
Full Article
Userlevel 7
+3
US consumer privacy groups have called for a Federal investigation into Experian, following a major hack at the credit database firm.
Experian claims personal data on 15 million T-Mobile US customers was stolen in the breach.
But the Public Interest Research Group (PIRG), backed by 28 other bodies, fears the hack may have extended to the rest of Experian's credit database.
This holds personal information about some 200 million Americans, it said.
"A data security breach that affected Experian's credit report files would be a terrifying and unmitigated disaster," it added.
http://www.bbc.co.uk/news/technology-34486107
Userlevel 7
+62
I am totally speechless..almost ..how does a company pay tens of millions of dollars and still not be secured?
Userlevel 7
+56
I echo their sentiment!
Userlevel 7
Experian, possible the entire database, Dow Jones today.... It has just been a wonder week eh?
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.