Threat Actors Gained Access to Google Fi Customers’ Information
The Incident May Be Linked to the Recent T-Mobile Breach.
Google Fi, the cell network provider of Google, recently confirmed a data breach. It is likely that the incident is related to the recent T-Mobile security incident, which allowed threat actors to steal the information of millions of customers.
Based on TechCrunch, the customers were notified about the data breach on Monday via email. The email mentioned that Google discovered suspicious activity relating to a third-party support system containing a ‘limited amount’ of Google Fi customer data. The timing of the message and the use of T-Mobile and U.S. Cellular by Google Fi for network connectivity raise the possibility that the breach is connected to the most recent T-Mobile hack.
What Information Was Accessed?
Limited consumer information was obtained in the Google Fi breach, according to Google, including phone numbers, account statuses, SIM card serial numbers, and information about the customers’ mobile services plans, such as whether they chose unlimited SMS or international roaming. According to Google, the threat actors did not obtain access to the customers’ personal information, payment card data, PINs, passwords, or contents of text messages and calls.
One Google Fi client claimed in a Reddit post that their disclosure stated that their phone number had briefly been hijacked, a practice known as SIM swapping, despite the fact that several emails informed customers that “no action is necessary”. Apparently, the customer was informed by Google that his number was transferred by the threat actors for close to two hours, during which they could have used the number to send or receive calls and texts.
TechCrunch reached out to Google to confirm whether or not the incident was linked to the T-Mobile breach, but it has received no response yet. Google Fi has not made public how many cell subscribers it has in total, and currently, the number of persons affected by the breach is yet to be communicated by the company.
Google is currently working with the unnamed network provider to “identify and implement measures to secure the data on that third-party system and notify everyone potentially impacted”. No access to Google’s systems or systems overseen by them has been acquired by the threat actor following the incident.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.