About 15 million people who used services of Experian, one of the largest credit agency data brokers in the world, including customers of cellular company T-Mobile, may be affected by the recent hack of the company and see their private information exposed.

Experian’s businesses extend from customer loyalty cards to public records including real estate liens and bankruptcy. Of course, Experian’s vast database is widely used by automated ad networks, but it also has many other applications. Intruders managed to steal the following information: names, addresses, SSNs, driver’s license and passport numbers. Although the latter two were encrypted, the company admitted that encryption might also have been compromised.

An investigation into the breach will be launched. In the meantime, Experian assured that its consumer credit database was not accessed. Perhaps, it meant that the damage was limited to T-Mobile. The perpetrator wasn’t named, but Experian contacted law enforcement and told that the break particularly affects “those who applied for T-Mobile USA postpaid services or device financing” for the last two years.

Apparently, the data broker found out that an unauthorized party accessed T-Mobile data stored in an Experian server. Now all affected consumers are offered free credit monitoring services. As for T-Mobile, the company couldn’t delete credit check data from the Experian servers because retention for 25 months is required under the credit laws.

T-Mobile’s CEO assured all customers that neither their systems nor network were affected by the hack and this didn’t involve any payment card numbers or bank account details.

This incident is the most recent in a series of data breaches targeting all parts of US life, from the US government agencies to retail networks, often affecting tens of millions of users. In response, the government has blamed China for the OPM hack and pulled spies from the country.

However, this is not the first time the company is targeted. An attack on an Experian subsidiary last year exposed the SSNs of 200 million Americans and forced the law enforcement authorities to launch an investigation by at least 4 states. Now the fears are that data thieves can reappropriate private information.