Experian, the world's biggest consumer credit monitoring firm, has disclosed a massive data breach that exposed sensitive personal data of some 15m people who applied for service with T-Mobile in the United States.
Connecticut's attorney general said he will launch an investigation into the breach.
Experian said it discovered the theft of the T-Mobile customer data from one of its servers on 15 September.
The computer stored information about some 15m people who had applied for service with telecoms carrier T-Mobile during the prior two years, Experian said.
T-Mobile Chief Executive John Legere said the data included names, addresses, birth dates, Social Security numbers, driver’s licence numbers and passport numbers.
Such information is coveted by criminals for use in identity theft and other types of fraud.
Mr Legere said in a note to customers posted on the company's website: "Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian.
"But right now my top concern and first focus is assisting any and all consumers affected," he added.
The Experian breach is the latest in a string of massive hacks that have each claimed millions - and sometimes tens of millions - of customer records, including the theft of personnel records from the US government this year, a 2014 breach on JPMorgan Chase and a 2013 attack on Target Corp's cash register systems.
It is also the second massive breach linked to Experian. An attack on an Experian subsidiary that began before Experian purchased it in 2012 exposed the Social Security numbers of 200 million Americans and prompted an investigation by at least four states, including Connecticut.
Experian on Thursday said it had launched an investigation into the new breach and consulted with law enforcement.