Mint Mobile has reported a violation of their security and a breach of data after an unauthorized individual obtained access to their patron’s account details and ported their telephone numbers to another carrier.
According to the warning of infringement of data issued to affected subscribers, a threat actor transported the phone number without authorization to another carrier between 8 June and 10 June for a “small” number of subscribers.
Mint Mobile further revealed that an unauthorized individual may also have access to personal information for subscribers, including telephone records, names, addresses, emails, and passwords.
“Between June 8, 2021, and June 10, 2021, a very small number of Mint Mobile subscribers’ phone numbers, including yours, were temporarily ported to another carrier without permission,” Mint Mobile disclosed.
“While we promptly took efforts to reverse and restore your service, some information that may include a name, address, telephone number, email address, password, bill, international call data, telephone numbers, and subscription information could have been obtained from unauthorized persons.”
Mint Mobile did not disclose how the threat actor has obtained access to information from subscribers, based on the accessed data, but hackers have probably hijacked user accounts or compromised a Mint mobile application used for client management.
Because the threat actor may have access to your password for Mint Mobile, our internal experts strongly recommended that you update your password.
Because the threat actor may have access to your password for Mint Mobile, it is strongly recommended that you update your password.
Moreover, a number of threats, like phishing, may have been employed by the threats actors to acquire access to the authentication codes supplied over text messages on the ported numbers that they have access to.
As a result, Mint Mobile also warns the customers to “guard other accounts which use your telephone number for validation and reset the passwords of their account.”
USCellular reported a similar incident in January, following a hoax of threats made in the company’s cellphones by staff.
By gaining the keys to remote access, the hackers have accessed and ported the customer’s numbers with the customer relationship management (CRM) software.
To read more, please check eScan Blog
