Google Fi, Google’s mobile virtual network operator (MVNO) service, has confirmed that there has been a data breach involving its customers’ information. The breach is believed to be related to a recent security incident at T-Mobile. The company has informed its customers of the breach through email.
According to Google, the hackers may have accessed limited customer information, including phone numbers, account status, SIM card serial numbers, and mobile service plan data. The number of affected accounts is not disclosed by Google.
Given the time of the notification and the fact that Google Fi uses a combination of T-Mobile and U.S. Cellular for network connectivity, it seems likely that the breach is related to the most recent T-Mobile attack. This breach, which was announced on January 19, gave intruders access to the personal information of 37 million users, including billing addresses, birth dates, and T-Mobile account information. Since the beginning of 2018, T-Mobile has been hacked eight times.
In the case of Google Fi, Google reports that hackers gained access to restricted client information, including phone numbers, account status, SIM card serial numbers, and information regarding mobile service plan specifics, such as whether unlimited SMS or international roaming was selected.
According to Google, the hackers did not steal personal information, payment card data, passwords, PINs, or the contents of text messages or phone conversations.
While several emails informed users that “no action is required,” at least one Google Fi client reported that their disclosure stated that their phone number had been temporarily hijacked, also known as SIM swapping. Google apparently informed the user that the intruders had transferred their phone number for over two hours, during which time they “may have used your phone number to send and receive phone calls and text messages.” This method is utilized by hackers to acquire access to a victim’s other online accounts that are protected by the same phone number, albeit one that has been compromised.
TechCrunch requested confirmation from Google that the event was related to the current T-Mobile breach, but the company has yet to respond. It is not immediately apparent how many Google Fi members have been compromised. Google has not disclosed the overall number of cell subscribers.
In an email to clients, the business said that it is collaborating with an unnamed network provider to “identify and implement procedures to safeguard the data on that third-party system and notify anyone who may be affected.” It was added that there was no access to Google’s systems or any other systems under its supervision.