News, Security Tips

Experian Data Breach—Who’s Been Affected and What Can You Do?

On October 1, Experian announced one of its business units was hacked two weeks ago, and information was taken from a server that contained data from T-Mobile USA, one of its clients. T-Mobile uses Experian’s services to process its customers’ credit applications.

In its press release, Experian noted that:


“The data included some personally identifiable information for approximately 15 million consumers in the US, including those who applied for T-Mobile USA postpaid services or device financing from September 1, 2013 through September 16, 2015, based on Experian’s investigation to date. This incident did not impact Experian’s consumer credit database.”


While it is good news that at least the company’s consumer credit bureau was not infiltrated by the hacker, this breach still impacts 15 million U.S. consumers. In a letter from T-Mobile’s CEO John Legere posted to the company’s website, he noted the consumer data accessed from this breach includes:


“…information such as name, address and birthdate as well as encrypted fields with Social Security number and ID number (such as driver’s license or passport number), and additional information used in T-Mobile’s own credit assessment.”


A data breach of this size and scale is, unfortunately, a reality of today’s digitally connected world, but there are some steps that you can take to protect yourself if you’ve been affected by the Experian breach, or any other. We’ve included a list of tips below to help keep your personal information secure if you’ve been impacted by a data breach.

  1. Set up a credit freeze or fraud alert through Experian, TransUnion and Equifax. With a credit freeze, no one can check your credit without your permission, and with fraud alerts, anyone checking your credit reports (such as credit card company) is notified that you’ve been a victim of identity theft so they’ll conduct additional background checks before extending credit. (Of note—Only consumers that had a credit report run by T-Mobile were affected by this breach. It is safe to reach out to Experian to set up a credit freeze.)
  2. Change passwords and login usernames for all social, financial and personal sites, or just sign up for a password manager that offers features such as strong password generation and security notifications.
  3. Enable 2-step authentication whenever it is offered, as a simple second step that provides additional security for your accounts. For example, you can have a login code sent to your phone via text. Here’s how you can set it up with Password Boss.
  4. Notify each credit card that you’ve been the victim of a data breach, and set alerts on your credit cards for unusual charges such as charges from out of the country, charges over a certain amount, etc.

While data breaches are an everyday reality for consumers, there are steps you can take to protect yourself if you’ve been a victim, and safeguards you can set up to prevent any future damage.



Leave a Reply

Your email address will not be published. Required fields are marked *

Comment Policy

We welcome and encourage comments on the Password Boss Blog. All comments will be reviewed and posted as quickly as possible after internal review.