Google Fi, Google’s U.S.-only telecommunications and mobile internet service, has notified customers that personal data was exposed by a data breach at one of its primary network providers. Some of them were also warned that it allowed SIM swapping attacks.
Hackers Targeting With the SIM-Swapping Attack
Google has sent the potential SIM swap victims a special notification reading, “On January 1, 2023, for about 1 hour 48 minutes, your mobile phone service was transferred from your SIM card to another SIM card.
During the time of this temporary transfer, the unauthorized access could have involved the use of your phone number to send and receive phone calls and text messages.”
The company says names, dates of birth, email addresses, payment card details, social security numbers, financial account information, passwords or PINs were not exposed. Hackers also did not gain access to the content of calls or SMS messages.
Google however did not mention who the primary network provider that got breached was, but it is believed that they are referring to T-Mobile.
T-Mobile disclosed last month that it suffered an API data breach in November 2022 that exposed the personal information of approximately 37 million subscribers.
As for T-Mobile, the company said it detected a data breach on January 5. The threat actor, which has not been identified, apparently abused an API to access customer account data such as name, billing address, phone number, email, date of birth, and service information.
These attacks are conducted using social engineering, where the threat actor impersonates the customer and requests that the number be ported to a new device for some reason. They also provide personal information exposed to phishing attacks and data breaches in order to convince the mobile carrier.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment