What you need to know
- Sprint has said that hackers managed to break into its customer accounts through Samsung's 'add a line' website.
- The carrier claims to have taken 'appropriate action' to secure the accounts of affected customers.
- Sprint hasn't revealed exactly how many customer accounts were compromised by the breach.
Just four months after a data breach that compromised user accounts of some Boost Mobile customers, Sprint has now admitted that hackers managed to gain unauthorized access to some of its customer accounts via Samsung's 'add a line' website on June 22. However, Sprint is yet to reveal the number of customers affected by the breach.
According to a letter that the carrier has sent to affected customers, personal information that may have been viewed by hackers include the customers' first and last name, phone number, device type, device ID, subscriber ID, account number, monthly recurring charges, account creation date, upgrade eligibility, billing address and add-on services.
If Sprint is to be believed, hackers were not able to obtain any other information that could pose a risk of fraud or identity theft. The carrier told CNET that credit card and social security numbers of its customers are encrypted and were not compromised during the breach. It further claims to have taken appropriate action to secure the accounts of its customers from unauthorized access. The carrier re-secured affected customer accounts three days after the breach on June 25 by resetting the account PIN.
Samsung, on the other hand, has admitted that fraudulent attempts were made to access Sprint user account information via its website. However, the company clarified that Sprint login credentials used to gain unauthorized access were not obtained from its website and nor was any Samsung user account information accessed as part of the hacking attempts. It has already deployed measures to prevent any such fraudulent attempts in the future.
We may earn a commission for purchases using our links. Learn more.