Over $16 million in settlements have been collected by multiple state attorneys general from the consumer credit reporting company Experian following the 2015 data breach of T-Mobile.
The data breach occurred when Experian was hacked in September 2015, according to a release from Texas Attorney General Ken Paxton. The breach gave the hacker access to the personal information of T-Mobile customers since the cellphone carrier is a client of Experian.
That information included names, addresses, dates of birth, Social Security numbers and identification numbers — such as driver’s license and passport numbers — all of which T-Mobile used to make credit assessments for people who applied for postpaid services and device financing from September 2013 to September 2015.
In the 40-state group, Texas is collecting over $1.6 million in settlement funds for the nearly 2 million Texans affected in the breach. Massachusetts Attorney General Maura Healey announced earlier this month that her office collected $625,000 in settlement funds for state residents who were affected by the breach.
“This settlement is an important step in ensuring that there is accountability,” Mr. Paxton said in a release Wednesday. “My office will continue to enforce Texas laws that require the safeguarding of consumers’ personal information.”
Ms. Healey said the settlement also requires Experian to develop a data breach notification plan and identity theft prevention program, along with trying to reduce the use of Social Security numbers as identifiers.
Further, Experian must offer five years of free credit monitoring service to affected consumers and two free copies of their credit reports annually during that time frame, per the Massachusetts attorney general.