Mint Mobile, a US mobile operator company, revealed that its customer account information was breached after an unauthorized person gained unauthorized access to its systems.
The company sent a data breach notification email to affected subscribers this weekend, saying the hacker also ported phone numbers of a “small” subset of Mint Mobile subscribers to another carrier.
Mint Mobile revealed that an unauthorized person might have gained access to subscribers’ phone numbers, history, names, passwords, email addresses, and more.
“Between June 8, 2021 and June 10, 2021, a very small number of Mint Mobile subscribers’ phone numbers, including yours, were temporarily ported to another carrier without permission,” Mint Mobile disclosed in the email to an impacted customer.
An unauthorized individual may have gained access to some of the information that was stored on customers’ accounts, Mint Mobile said:
“While we immediately took steps to reverse the process and restore your service, an unauthorized individual potentially gained access to some of your information, which may have included your name, address, telephone number, email address, password, bill amount, international call detail information, telephone number, account number, and subscription features.”
Mint Mobile has not revealed how a threat actor managed to gain access to the subscribers’ data but said it is likely that the actor has hacked user accounts or compromised their Mint Mobile application used to manage accounts. It is strongly advised that users change their passwords to their Mint Mobile account.
Mint Mobile has issued a warning to users to protect their accounts from unauthorized users who might use their phone numbers for validation or to reset account passwords. The attackers could use the ported number to launch other attacks, such as phishing, or intercept 2-factor authentication codes sent via text messages.
In January, USCellular, a tech company, was hit by a similar attack, which involved sending phishing emails to its employees. The attackers then downloaded and installed software that gave them remote access to the devices. Using this method, the hackers were able to access a subscriber’s account by accessing their email and telephone numbers stored in the CRM.