The U.S. Public Interest Research Group (PIRG) has called for a full regulatory investigation into the Experian data breach that exposed the personal data of 15 million potential T-Mobile customers, and potentially millions more.
Over 25 individual groups, led by PIRG are concerned for the data of 200 million Americans allegedly being put at risk.
Credit rating firm Experian have revealed that they are yet another victim of data theft, giving rise to the business world’s latest least favorite headline of 2015.
Millions of Americans personal data has been breached in news that should have been even more shocking than the Ashley Madison hack back a few months ago. Unfortunately, because the data hack didn’t involve ‘sex,’ it passed most of us by.
A statement released by Experian read:
“On Sept. 15, 2015, Experian discovered an unauthorized party accessed T-Mobile data housed in an Experian server…Experian’s consumer credit database was not accessed in this incident, and no payment card or banking information was obtained.”
Well there’s a response we’ve heard a lot this year; the “no payment card data taken” statement is a misnomer of epic proportions. What did manage to end up in the hands of hackers is not something anyone wants being passed around the Dark Web being sold to the highest bidder.
Experian has claimed the data stolen includes “name, address, Social Security number, date of birth, identification number (typically a driver’s license, military ID or passport number) and additional information used in T-Mobile’s own credit assessment.”
The Experian breach occurred at the subsidiary credit rating agency, Decisioning Solutions, a company that T-Mobile uses to process information on subscribers, and make decisions about their credit worthiness. Experian has said the business is “completely separate” from its main credit bureau business.
This explanation didn’t hold much truck with several consumer interest groups however.
With the support of more than 25 national and state consumer privacy groups, PIRG is calling for a full flung investigation of the Experian data hack by the Federal Trade Commission (FTC).
“We believe that it is incumbent on the regulatory agencies to fully investigate this breach, including whether other Experian databases have been breached,” a letter written by PIRG said. “A data security breach that affected Experian’s credit report files would be a terrifying and unmitigated disaster.”
Sounds about right…
But PIRG, backed by a significant number of other bodies, fear that there is a very real danger that the hack may have gone far further than Experian are letting on.
Their concern is that the personal information of Experian’s main database, that holds information on a guesstimated 200 million Americans may also have been hacked. Experian deny the accusation.
“A data security breach that affected Experian’s credit report files would be a terrifying and unmitigated disaster,” PIRG claimed.