Home News Data breach affects Sprint’s customer accounts

Data breach affects Sprint’s customer accounts

Samsung Galaxy S7

The U.S.-based telecommunications firm Sprint recently revealed that hackers broke into customers’ accounts through a Samsung.com “add a line” website.

In a letter to its customers, Sprint said the attack occurred on June 22, 2019, and compromised customers’ sensitive information, including first and last name, billing address, phone number, subscriber ID, account number, device type, device ID, monthly charges, account creation date, upgrade eligibility, and any add-on services, the ZDNet reported.

“On June 22, Sprint was informed of unauthorized access to your Sprint account using your account credentials via the Samsung.com “add a line” website. We take this matter, and all matters involving Sprint customer’s privacy, very seriously,” Sprint stated in its letter.

“The personal information of yours that may have been viewed includes the following: phone number, device type, device ID, monthly recurring charges, subscriber ID, account number, account creation date, upgrade eligibility, first and last name, billing address and add-on services. No other information that could create a substantial risk of fraud or identity theft was acquired. Sprint has taken appropriate action to secure your account from unauthorized access and has not identified any fraudulent activity associated with your account at this time,” the letter added.

Sprint urged its customers to follow preventive measures recommended by the Federal Trade Commission (FTC) as a precautionary measure.

Earlier, a suspicious third-party app called ‘Updates for Samsung’ had more than 10 million download attempts to trick Android-based Samsung phone users into paying for their firmware updates. According to a report from CSIS Security Group, the original Updates for Samsung app was meant to provide operating updates for free. But the hackers used the fake application to infect the users’ devices with malicious codes after downloading the fake application.

Detailing how the app worked Aleksejs Kuprins, a security researcher at CSIS Security Group, said “The app is called Updates for Samsung and pledges to deliver any OS update for any Samsung device ever released. It also offers to unlock phones regardless of the network operator and provides Android-related content from the developer’s website, updato[.]com.”