Google Fi said customer data has been compromised by hackers, and the incident is most likely linked to the massive T-Mobile hack on January 19.
US mobile phone carrier Google Fi has been linked to the recent T-Mobile data breach on January 19, which involved over 37 million T-Mobile customers.
Google Fi sent an email to its customers Monday explaining that their primary network provider had informed them of “suspicious activity involving a third-party customer support system and a limited amount of Google Fi customer data.”
The no-frills cell phone carrier piggybacks on the T-Mobile network for national coverage and US Cellular for regional service, leaving users to conclude the two breaches were connected.
“Data stolen in this breach is going to fuel numerous attacks in the future. However, the victims can take a little solace that their payment information or PINs were not stolen,” said CEO and co-founder of Israeli cybersecurity startup Grip Security, Lior Yaari.
“The accessed information included your phone number and limited technical information, including information about when your account was activated, SIM card serial number, account status (for example, whether your plan is active or inactive), and limited details about the mobile service plan and options provided by your Google Fi service (such as unlimited SMS or international roaming),” the email said.
Unhappy Google Fi customers have been discussing sections of the email and possible ramifications on social media threads like Reddit and Bogleheads.org.
"How much of a risk is a hacked SIM card serial number?" one user asked.
According to the Google email, "the data does not contain your name, date of birth, email address, payment card information, social security number or tax IDs, driver’s license or other form of government ID, or financial account information, passwords or PINs that you may use for Google Fi, or the contents of any SMS messages or calls."
Either way, “the hackers can potentially still do a lot of damage by having access to the users’ phone numbers and SIM serial card numbers, including taking over your phone number," Yaari said.
“Once the hackers take over your phone number, they can use it for illicit purposes or even bypass two-factor authentication that uses SMS," Yaari added.
One Google Fi and Reddit user claimed he was alerted in his email about suspicious activity on his account.
The same user said they witnessed their mobile account getting hacked in real time, called Google Fi for help, and Google Fi didn't believe them.
During the last T-Mobile breach, hackers were able to steal only basic information, such as customer names, billing addresses, emails, and phone numbers.
Yaari suggested affected customers, at a minimum, “should consider changing out their SIM card” just to be safe.
There has been no word from Google about how many customers may have been affected.
Google’s first mobile carrier launched in 2015 and currently only serves users located in the United States.
“Given the serious nature and impact of the breach, it’s surprising that Google has not disclosed the number of customers impacted, like what we have seen in other major breaches,” said Yaari.
It’s also not clear how many customers Google Fi even has.
In 2021, Fierce Wireless estimated the number of Google Fi customers in the half-a-million range – a paltry amount when compared to T-Mobile’s 113 million.
To help secure sensitive information, Google's email suggested customers:
- Enable 2-step verification
- Remove unwanted access to data by managing what apps have access to your phone
- Make sure all apps and mobile device operating systems are up to date
- Use unique and strong passwords for all your accounts
According to the email, there “was no access to Google's systems or any systems overseen by Google.”