This just happened to me with old information. Now that you said T-MOBILE it all makes sense to me. I locked all 3 credit files and also put fraud alerts on them as well. 

Got the same message. I iced everyone except EX. Having difficulty with them.

    

The last dark web alert i got from myfico included recommended instructions on what to do next.

It recommended i change all my passwords on every online account i had, i did it.

After EQ issue, and consider it as an example, it is better to be very conservative regarding data and identity protection possibly FOREVER.

Some banks even suggest to change account and email passwords every 3 months (on top of 2 step verification, credit lock, credit monitoring, etc).

Fico8: EX~EQ~TU~840 (12 month goal~850).
BOA (CCR, UCR), Chase (CFF, CSP, Amazon, CIC, CIU), US Bank (Cash+, AR, Go, Ralphs), Discover, Citi (CCC, DC, SYW), Amex (BCP, HH, Biz Gold, BBC, BBP), Affinity CR, Cap1(Walmart), Barclays View.

I just received the same message from Experian IdentyWorks.  They found my Social and DL also.  They specifically told me it's from T-Mobile.  I have not been a T-Mobile customer since the end of 2012!  I've had my e-mails compromised before but never my Social and DL.  I'm so upset!  I just finished adding a security freeze on all 3 credit bureaus since they had my correct zip code (address). The only thing that was incorect was the phone number; I've changed my phone number in 2014.

I received an alert from my Experian app tonight that some of my personal information was found on the "dark web."  I logged into my Experian and found that my social security number, cell phone number, email address, and even my driver's license number were all discovered on the dark web and it said the potential site that my information was leaked from was T-Mobile's website and that the breach occurred last August.  

How concerned should I be at this point?  I know absoulutely nothing about the dark web, other than the fact that it exists and that nothing good ever happens on it.  My husband and I are in the process of getting ready to start shopping for a new home, so the last thing I need right now (or ever) is a case of identity theft ransacking my credit.  Should I be contacting T-Mobile about this since it says the info came from their site?  We are T-Mobile customers, so we do have an account with them for our wireless service.  I always watch my credit like a hawk, but is there anything else I should be doing to protect myself?  Experian says that I should lock my credit file, but we are getting ready to put in a mortgage application in the next few days and we're already working with a loan officer, so I can't exactly do that right now.

Any advice would be greatly appreciated!

---

@jrwa81 wrote:

I received an alert from my Experian app tonight that some of my personal information was found on the "dark web."  I logged into my Experian and found that my social security number, cell phone number, and my driver's license number were all discovered on the dark web and it said the potential site that my information was leaked from was T-Mobile's website and that the breach occurred last August.  

 

How concerned should I be at this point?  I know absoulutely nothing about the dark web, other than the fact that it exists and that nothing good ever happens on it.  My husband and I are in the process of getting ready to start shopping for a new home, so the last thing I need right now (or ever) is a case of identity theft.  Should I be contacting T-Mobile about this since it says the info came from their site?  We are T-Mobile customers, so we do have an account with them for our wireless service.  I always watch my credit like a hawk, but is there anything else I should be doing to protect myself?  Experian says that I should lock my credit file, but we are getting ready to put in a mortgage application in the next few days and we're already working with a loan officer, so I can't exactly do that right now.

 

Any advice would be greatly appreciated!

---

You should immediately lock/freeze your credit reports with all three credit bureaus and also ask them to place an extended fraud alert on your account.   It will remain for six or seven years.   It just advises potential creditors that they should call you and also get additional ID before opening any credit in your name.   It's a PITA when you are applying for credit, but it's a lot less onerous than dealing with identity theft.

I'd agree. Place the Fraud Alert immediately and also lock your credit files. I lock Experian in the Experian App, Equifax has a Lock and Alert app, and TransUnion I go on their website. 
I've also locked Chexsystems, SageStream and Innovis and they also lock LexisNexis. 
Your information has been stolen but locking it will help prevent the thieves from opening new accounts in your name.