Experian Breach Exposes 15 Million T-Mobile Customers, Applicants' Information: What You Need to Know

By Julie Myhre, NextAdvisor.com

If you've applied for a T-Mobile phone plan within the past two years, there's a high chance your information may have been breached by Experian -- one of the three major credit bureaus. As confusing as it may sound, T-Mobile used Experian to run credit checks on customers opening a new postpaid phone plan. As such, Experian had that information stored on a server. According to Experian's news release, hackers broke into the server and accessed personal information for more than 15 million T-Mobile customers and potential customers who applied for a U.S. postpaid plan between Sept. 1, 2013 and Sept. 16 of this year. It should be noted that the breach did not expose or affect Experian customers' information.

What information was leaked?

While no banking or payment information was leaked, a lot of personal information that is required to run a credit check was exposed, including
names, addresses, social security numbers, birthdays and identification numbers (e.g. driver's license, military ID or passport numbers).

How can I protect myself?

In attempts to alleviate the situation, Experian has set up a
to get all of the details about the breach. In addition, as a provider of one of the well-known identity theft protection services,
, it's no surprise that Experian is offering breach victims a two-year membership to its service. Although this is a good gesture, it should be noted that ProtectMyID may not be the best option for breach victims, as it lacking in certain areas of protection -- such as providing consumers with copies of all three credit reports.

When you sign up for the ProtectMyID plan for T-Mobile customers, the service will track (on a daily basis) all three of your credit reports -- Experian, TransUnion and Equifax -- and alert you if anything is added to your reports. In addition, you will be provided with a copy of your Experian credit report. While the daily tracking is good and the Experian credit report is helpful, it would be ideal if you also received a copy of your complete TransUnion and Equifax credit reports, especially since not all credit accounts are reported to all three bureaus. The reason behind this is simple: if your information was exposed and used fraudulently before the credit report monitoring starts, you will likely not know about it because you will only be alerted of credit activity that occurs after you signed up -- the only way to catch it is look at all three of your credit reports right now. As such, you have a couple of options here to make up for this lack in coverage.

1. Sign up for another identity theft protection service: We know it's hard to turn down any free service, but when it comes to identity theft, you don't want to take a risk. That's why it may be better for you to sign up for an identity theft protection service that not only provides you with three-bureau credit report monitoring, but also gives you copies of all three of your credit reports immediately after signup. This will allow you to comb through all of the activity on your credit reports and verify it is all legitimate, as well as report any potential fraud.

Two top-rated services that provide both three-bureau credit report monitoring and all three of your credit reports and scores at signup are Identity Guard and TrustedID. In addition to having a budget-friendly price tag -- $14.99/month for Identity Guard and $9.38/month ($112.50/year) with an annual prepay or $13.49/month with monthly payments for TrustedID -- both of these services also come with a free trial (Identity Guard has a 30-day trial and TrustedID has a 14-day trial), which means you can test them out prior to making a financial commitment. With such flexibility, you can even sign up for the free ProtectMyID plan and one of these services simultaneously and determine which is best for you. Visit our identity theft compare chart to learn more about these services.

2. Check your credit reports. If you've decided that the ProtectMyID plan for T-Mobile customers is the best for you, you'll still want to be sure to check your credit reports, as they may contain some fraudulent accounts that were opened prior to you signing up for the service (as explained above). You can go about this two ways: sign up for another identity theft protection service with a free trial and cancel before the trial is up or check your credit reports at AnnualCreditReport.com, a government-approved service that allows you to obtain one copy of all three of your credit reports for free every year. Either option will allow you to comb through your reports and recognize any fraudulent accounts that were opened prior to ProtectMyID's tracking.

Another thing that breach victims may want to keep an eye on is their bank accounts. Since so much personal information, such as your social security number and birth date, was leaked in the hack, it's likely that the hackers will attempt to gain access to your financial accounts. You can combat this by regularly checking your bank statements and making sure you report any fraudulent activity as soon as you spot it.

Lastly, since hackers have victims' names and addresses, it's likely that T-Mobile customers will be targeted for scams. Read our guide to not falling for a scam to make sure you protect yourself from these targeted attacks.

Why does this breach matter?

Even though it seems we hear about a new data breach every week, this breach is different. Not only was it a third-party breach that exposed the customers of another service, but a server owned by one of the three credit bureaus was hacked. To think that an entity that holds so much personal information can be breached in any way -- even if it's just one server -- is frightening. If anything, this breach is showing consumers that they need to take their identity protection seriously and make sure they are
in their everyday life.

Follow our breach blog to keep up with this breach and read our identity theft protection reviews to learn about the top-rated services.

This blog post originally appeared on NextAdvisor.com.