Google Fi says hackers accessed customers’ information - TechCrunch

Google’s compartment web supplier Google Fi has confirmed a information breach, apt related to the caller security incident astatine T-Mobile, which allowed hackers to bargain millions of customers’ information.

In an email sent to customers connected Monday, obtained by TechCrunch, Google said that the superior web supplier for Google Fi precocious informed the institution that determination had been suspicious enactment relating to a 3rd enactment enactment strategy containing a “limited amount” of Google Fi lawsuit data.

The timing of the announcement — and the information that Google Fi uses a operation of T-Mobile and U.S. Cellular for web connectivity — suggests the breach is linked to the astir caller T-Mobile hack. This breach, disclosed connected January 19, allowed intruders entree to a trove of idiosyncratic information belonging to 37 cardinal customers, including billing addresses, dates of commencement and T-Mobile relationship details. The incidental marked the eighth clip T-Mobile has been hacked since 2018.

In the lawsuit of the Google Fi’s breach, Google says the hackers accessed constricted lawsuit information, including telephone numbers, relationship status, SIM paper serial numbers, and accusation related to details astir customers’ mobile work plan, specified arsenic whether they person selected unlimited SMS oregon planetary roaming.

Google said that the hackers did not instrumentality customers’ idiosyncratic accusation oregon outgo paper data, passwords, PINs, oregon the contents of substance messages oregon calls.

While immoderate emails told customers that determination is “no enactment required,” astatine slightest 1 Google Fi lawsuit claimed successful a Reddit post that their disclosure said that their telephone fig had been concisely hijacked, known arsenic SIM swapping. Google reportedly told the lawsuit that the intruders had transferred their fig for adjacent to 2 hours, during which they “could person progressive the usage of your telephone fig to nonstop and person telephone calls and substance messages.” This method is utilized by hackers to summation entree to a victim’s different online accounts that are protected by the same, albeit hijacked telephone number.

TechCrunch asked Google whether it could corroborate that the incidental was linked to the caller T-Mobile breach but has yet to person a response. It’s not instantly wide however galore Google Fi subscribers person been affected by the breach. Google hasn’t made nationalist however galore compartment subscribers it has successful total.

In its email to customers, the institution said it is moving with the as-yet-unnamed web supplier to “identify and instrumentality measures to unafraid the information connected that third-party strategy and notify everyone perchance impacted.” It added that determination was nary entree to Google’s systems oregon immoderate systems overseen by Google.

Updated to region a condemnation related to lawsuit voicemails.