Google’s cell network provider Google Fi has confirmed a data breach, likely related to the recent security incident at T-Mobile, which allowed hackers to steal millions of customers’ information.
In an email sent to customers on Monday, obtained by TechCrunch, Google said that the primary network provider for Google Fi recently informed the company that there had been suspicious activity relating to a third-party support system containing a “limited amount” of Google Fi customer data.
The timing of the notice — and the fact that Google Fi uses a combination of T-Mobile and U.S. Cellular for network connectivity — suggests the breach is linked to the most recent T-Mobile hack. This breach, disclosed on January 19, allowed intruders access to a trove of personal data belonging to 37 million customers, including billing addresses, dates of birth and T-Mobile account details. The incident marked the eighth time T-Mobile has been hacked since 2018.
In the case of Google Fi’s breach, Google says the hackers accessed limited customer information, including phone numbers, account status, SIM card serial numbers and information related to details about customers’ mobile service plans, such as whether they have selected unlimited SMS or international roaming.
Google said that the hackers did not take customers’ personal information or payment card data, passwords, PINs or the contents of text messages or calls.
While some emails told customers that there is “no action required,” at least one Google Fi customer claimed in a Reddit post that their disclosure said that their phone number had been briefly hijacked, known as SIM swapping. Google reportedly told the customer that the intruders had transferred their number for close to two hours, during which they “could have involved the use of your phone number to send and receive phone calls and text messages.” This technique is used by hackers to gain access to a victim’s other online accounts that are protected by the same, albeit hijacked phone number.
TechCrunch asked Google whether it could confirm that the incident was linked to the recent T-Mobile breach but has yet to receive a response. It’s not immediately clear how many Google Fi subscribers have been affected by the breach. Google hasn’t made public how many cell subscribers it has in total.
In its email to customers, the company said it is working with the as-yet-unnamed network provider to “identify and implement measures to secure the data on that third-party system and notify everyone potentially impacted.” It added that there was no access to Google’s systems or any systems overseen by Google.
Updated to remove a sentence related to customer voicemails.
https://techcrunch.com/
Emerging Indian social media app Slick left an internal database containing users’ personal information, including data of school-going children, publicly exposed to the internet for months. Since at least December 11, a database containing full names, mobile numbers, dates of birth, and profile pictures of Slick users was left online without a password. Bengaluru-based Slick launched in […]
British newspaper The Guardian has confirmed that cybercriminals accessed the personal details of U.K. staff members during a ransomware attack last month. The Guardian confirmed the data breach in an update emailed to staff on Wednesday, which the newspaper reported shortly after. The email, signed by the news outlet’s chief executive Anna Bateson and editor-in-chief […]
After gaining access via RDP, all three threat actors encrypted files, in an investigation complicated by event log clearing and backups. 3 attackers, 2 weeks – 1 entry point. Written by Linda Smith, Rajat Wason, Syed Zaidi AUGUST 10, 2022 SECURITY OPERATIONS ACTIVE ADVERSARY PLAYBOOK BLACKCAT FEATURED HIVE LOCKBIT RANSOMWARE SOPHOS X-OPS In May 2022, an automotive supplier was hit with three separate ransomware attacks. […]
Leave a Reply