About 15 million T-Mobile customers have had their most personal data leaked in a huge hack on Experian, the credit checking company.

The people affected didn’t use the service directly but lost data that they given to T-Mobile as part of credit checks, according to statements by both companies. The compromised data includes names, dates of birth, addresses, social security numbers and ID information.

Experian said that it would get in contact with people affected by the hack. It said that when it did it would offer them a two year subscription to the services that Experian provides to keep personal data safe.

“Although there is no evidence to-date that the data has been used inappropriately, Experian strongly encourages affected consumers to enroll in the complimentary identity resolution services,” Experian said in a statement.

Experian pointed out in its statement that the unit that had been hacked was “notably not its consumer credit bureau”. But the data that was lost was still consumer credit data.

The company didn’t say who was to blame for the attack, saying only that it “experienced an unauthorized acquisition of information from a server that contained data on behalf of one of its clients, T-Mobile”.

Experian holds data for a vast array of companies, from information used in small credit checks to documentation about huge loans. Many companies across America use the site as a way of storing and cross-referencing data.

T-Mobile’s comments seemed to largely put the blame on Experian for the attack.

“We have been notified by Experian, a vendor that processes our credit applications, that they have experienced a data breach,” wrote CEO John Legere.