A new data breach shows the importance of incorporating third party partners as part of your disaster recovery planning process.
Credit bureau Experian recently announced that it was the victim of a data breach that lasted for two years and exposited the personal information of 15 million T-Mobile customers.
The breach arrives at a particularly bad time for the cell phone carrier. After nearly being sold off to AT&T several years ago, the company rebounded extraordinarily with their no-nonsense marketing approach and leading the revolution against traditional two-year contract pricing models. Recently, the company overtook rival carrier Sprint as the third biggest cell phone provider in the country. With this in mind, it was the worst time for the company to deal with a something as negative as a data breach.
"Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected," T-Mobile chief executive officer John Legere said in a statement.
Legere explained that his company uses Experian to process credit applications for new customers looking for service. While it is unclear if the 15 million people affected by the breach are all customers who were approved for service or if it is a mixture of those who were accepted by T-Mobile and those who weren't, but either way, Legere is reaching out to those people.
"I take our customer and prospective customer privacy VERY seriously. This is no small issue for us. I do want to assure our customers that neither T-Mobile's systems nor network were part of this intrusion and this did not involve any payment card numbers or bank account information," he wrote.
What was compromised in breach, which lasted from Sept. 1, 2013 to Sept. 16, 2015, include names, addresses, birth dates, Social Security numbers and ID numbers, either from a driver's license or passport.