Google’s cell network provider Google Fi has confirmed a data breach, likely related to the recent security incident at T-Mobile, which allowed hackers to steal millions of customers’ information.
In an email sent to customers on Monday, obtained by TechCrunch, Google said that the primary network provider for Google Fi recently informed the company that there had been suspicious activity relating to a third-party support system containing a “limited amount” of Google Fi customer data.
The timing of the notice — and the fact that Google Fi uses a combination of T-Mobile and U.S. Cellular for network connectivity — suggests the breach is linked to the most recent T-Mobile hack. This breach, disclosed on January 19, allowed intruders access to a trove of personal data belonging to 37 million customers, including billing addresses, dates of birth and T-Mobile account details. The incident marked the eighth time T-Mobile has been hacked since 2018.
In the case of Google Fi’s breach, Google says the hackers accessed limited customer information, including phone numbers, account status, SIM card serial numbers and information related to details about customers’ mobile service plans, such as whether they have selected unlimited SMS or international roaming.
Google said that the hackers did not take customers’ personal information or payment card data, passwords, PINs or the contents of text messages or calls.
While some emails told customers that there is “no action required,” at least one Google Fi customer claimed in a Reddit post that their disclosure said that their phone number had been briefly hijacked, known as SIM swapping. Google reportedly told the customer that the intruders had transferred their number for close to two hours, during which they “could have involved the use of your phone number to send and receive phone calls and text messages.” This technique is used by hackers to gain access to a victim’s other online accounts that are protected by the same, albeit hijacked phone number.
TechCrunch asked Google whether it could confirm that the incident was linked to the recent T-Mobile breach but has yet to receive a response. It’s not immediately clear how many Google Fi subscribers have been affected by the breach. Google hasn’t made public how many cell subscribers it has in total.
In its email to customers, the company said it is working with the as-yet-unnamed network provider to “identify and implement measures to secure the data on that third-party system and notify everyone potentially impacted.” It added that there was no access to Google’s systems or any systems overseen by Google.
Updated to remove a sentence related to customer voicemails.
https://techcrunch.com/
ata breaches can be extremely harmful to organizations of all shapes and sizes — but it’s how these companies react to the incident that can deal their final blow. While we’ve seen some excellent examples of how companies should respond to data breaches over the past year — kudos to Red Cross and Amnesty for their transparency — 2022 has been a […]
In late April, police in Nebraska received a tip saying 17-year-old Celeste Burgess had given birth to a stillborn baby and buried the body. Officers soon learned that her mother, Jessica Burgess, and a friend had helped her with transportation and burial. The police issued citations for concealing the death of another person and false reporting. But […]
AS RUSSIA’S INVASION of Ukraine drags on, navigation system monitors reported this week that they’ve detected a rise in GPS disruptions in Russian cities, ever since Ukraine began mounting long-range drone attacks. Elsewhere, a lawsuit against Meta alleges that a lack of adequate hate-speech moderation on Facebook led to violence that exacerbated Ethiopia’s civil war. […]
Leave a Reply