Google Fi warns customers their data has been compromised

Google has informed customers of its Fi Mobile Virtual Network Operator (MVNO) service that hackers have been able to access some of their information TechCrunch. The tech giant said the bad actors infiltrated a third-party system used for customer support at Fi’s primary network provider. While Google doesn’t name the provider directly, Fi relies on US Cellular and T-Mobile for connectivity. If you recall, in mid-January the latter admitted that hackers had been stealing data from its systems since November of last year.

T-Mobile said the attackers got away with the information of around 37 million postpaid and prepaid customers before discovering and containing the problem. At the time, the carrier insisted that no passwords, payment information, and social security numbers were stolen. Google Fi says the same thing, adding that it didn’t take PINs or SMS/call content either. The hackers only appeared to have access to users’ phone numbers, account status, SMS card serial numbers, and some service plan information, such as international roaming.

Google reportedly told most users that they did not need to do anything and that it was still working with Fi’s network provider to “identify and implement measures to secure the data on this third-party system and to notify any potentially affected individuals.” However, at least one customer reported experiencing more serious issues than most as a result of the breach. They shared part of what they claim to be the email from Google on Reddit, telling them that their “mobile phone service has been transferred from [their] SIM card to another SIM card” for almost two hours on January 1st.

The customer said he received password reset notifications from Outlook, his crypto wallet account and the two-factor authenticator Authy that day. They sent logs to 9to5Google to prove that the attackers had used their number to receive text messages that gave them access to those accounts. Based on their Fi text history, the attackers began resetting passwords and requesting two-factor authentication codes via SMS within a minute of transferring their SIM card. The customer was reportedly only able to regain control of his accounts after turning off and on network access on his iPhone, although it’s unclear if that solved the problem. We’ve reached out to Google for an explanation regarding customers’ SIM replacement entitlement and will update this post once we receive feedback.

All products recommended by Engadget are selected by our editorial team independently from our parent company. Some of our stories contain affiliate links. If you buy something through one of these links, we may receive an affiliate commission. All prices are correct at time of publication.

Leave a Reply

Your email address will not be published. Required fields are marked *