Data Breach of the Week: T-Mobile Edition


Adam Cecil

Adam Cecil

Former Staff Writer

Adam Cecil is a former staff writer for Policygenius, a digital insurance brokerage trying to make sense of insurance for consumers. He is a podcast producer, writer, and video maker based in Brooklyn, NY.

Published|3 min read

Policygenius content follows strict guidelines for editorial accuracy and integrity. Learn about our editorial standards and how we make money.

Blindsided by yet another story of a major company getting hacked? Afraid that your information has been stolen in a major data breach? Want to prevent identity theft from happening to you? We'll break down the latest news stories to help you understand what's already happened and what you can do right now. This time: the T-Mobile and Experian hack.

Who got hacked?

Experian, one of the three companies that provides U.S. credit reports to consumers and businesses. Technically, just their database relating to T-Mobile customers was stolen, but this hack could have wider implications for the company. Most mainstream media outlets are focusing on the T-Mobile side of the story, but it was really Experian that was breached.

If Experian, one of the gatekeepers of your financial identity, is compromised, how do you recover? Regardless of whether or not you were affected by the hack, you’ll want to keep an eye on this story.

Who is affected?

If you got your credit checked by T-Mobile (either for service or for device financing) between September 1, 2013 and September 16, 2015, your information has been stolen. As of this time, other T-Mobile customers have not been affected.

What data was stolen?

According to T-Mobile, the records stolen include:

  • names

  • addresses

  • birthdays

as well as two encrypted fields that contain

  • Social Security numbers

  • other ID number (such as driver's license or passport number)

Experian believes its encryption may have been compromised. It’s safe to assume that it has and that your Social Security number has been stolen.

What do I do now?

Unfortunately, because Social Security numbers were stolen from Experian, this hack has reached a 9 on our Identity Theft Index. Clearly, that’s not a good thing, but that doesn’t mean you’re helpless to stop fraud.

The biggest thing to worry about is tax fraud. When someone has your SSN, they can use it to get a job and file a tax return in your name. The IRS will be slow to notify you if fraud has taken place – you either won’t discover the fraud until you try to file a real tax return or the IRS will send you a notification via snail mail. (The IRS will never contact you about fraud over the phone or email.)

When it comes to dealing with tax-related identity theft, this checklist from the FTC will be your best friend. You may be surprised to learn that you need to file a local police report. This will help you verify that you are the real you when you report the fraud to credit bureaus and government agencies. You might also consider identity theft protection for future (inevitable) hacks.

How can I stay updated on this data breach?

Our favorite way of staying up-to-date on major news stories is using Google Alerts. Just enter the keywords you want to track – in this case, T-Mobile Hack or T-Mobile Data Breach or Experian Data Breach – and Google will email you whenever new stories come up that mention the keyword.

For staying up-to-date on this hack and other security news, we suggest Krebs on Security, a fantastic digital security blog. You can sign up for his newsletter or follow him on Twitter and Facebook to get his security updates delivered directly to you.

Image: Colin

Ready to shop for life insurance?

Start calculator