Ryan Reynolds-backed Mint Mobile discloses data breach


Mint Mobile, a mobile virtual network operator in the United States, has notified its customers of a personal information leak.

Mint Mobile, a US budget brand backed by actor Ryan Reynolds and currently undergoing acquisition by telecommunications giant T-Mobile for over $1.3 billion, disclosed that names, numbers, email addresses, SIM SN and IMEI numbers, along with service plan information of its customers, were leaked following a security breach.

The company chose not to publicly disclose the security breach, opting instead to send personal notification letters to affected individuals. The Verge journalists were the first to notice a Reddit thread where a customer shared details about the email they received.

"We are writing to inform you about a security incident we recently identified in which an unauthorized actor obtained some limited types of customer information. Our investigation indicates that certain information associated with your account was impacted," the email reads.

In the thread, some Mint Mobile clients mentioned not receiving any emails, suggesting that not all Mint Mobile users might have been affected. We've reached out to the company and will update the article as soon as we hear more.

Initially, the user who posted about the email speculated it might have been a scam. However, an official Mint Mobile Reddit account's subsequent comment suggests otherwise: "If you received a notice via email from [email protected] on December 22, 2023, it is from Mint and is not a scam."

While the company stated in its email that users didn't need to take any specific steps to secure their accounts, there is the potential for threat actors to exploit phone numbers and email addresses in various phishing and smishing campaigns. Therefore, Mint Mobile customers should remain vigilant for any suspicious or spam content via SMS or email.



Comments

Jonathan R Klemm
prefix 8 months ago
We all should use password databases as well as using sms 2FA less and less. I like it that both Gmail and yahoo email use their YouTube and yahoo email programs. Better to get a 2FA key these days though. With this breach we will need to change our passwords.
Uno
prefix 8 months ago
This is a good way for competitors to hire hackers to increase operation cost for Mint Mobile so they stop saving the customer get by switching to Mint Mobile
John Kurzman
prefix 8 months ago
This is much worse than only needing the mint customer "to remain vigilant for any suspicious or spam content via SMS or email". Because the attackers have the cellphone Sim information, they can clone the phone and do banking account password resets which will send the one time reset information to the attacker, while the actual phone may have been deactivated. Or the bad guys may simply beat the customer to the reset in the middle of the night while they sleep. Customers must immediately change their phone reset information and/or financial institutions need the lists of effected Sims to as deactivate the feature for their those customers immediately.
Stewart
prefix 8 months ago
It would appear that T-Mobile does not believe it is subject to the Cyber Security Laws of the United States.

They obviously do not have sufficient security protocols to protect my data. I just subscribed to Mint Mobile the week prior to their most recent cyber security incident, one of several such incidents over the past year.

I have cancelled my new Mint Mobile account due to T-Mobile's calus security practice. I will be staying with Verizon Wireless despite the savings I could have saved with Mint Mobile.
John luchene
prefix 8 months ago
Disappointed is service , bad company policies , definitely disappointed
DOC KILLMON
prefix 8 months ago
Mint mobile will continue to have bad luck for their poor business practices!
DOC KILLMON
prefix 8 months ago
Gotta tell you...Mint Mobile practices are despicable. Their advertising for "UNLIMITED internet, text, data" is false advertising. Their plan was very enticing but before the first month ended they were trying to sell me more Data! I lost my hot spot. Very Very disappointing RYAN !!!
Leave a Reply

Your email address will not be published. Required fields are markedmarked