Security breaches at mobile carriers and MVNOs are dangerous because they often hold large amounts of personal information and enforce SMS and call-based two-factor authentication. Mint Mobile just suffered a breach, so if you’re a Mint customer, you’d better keep reading.
Mint Mobile has disclosed a recent data breach that compromised customer information. The breach exposed personal information including names, phone numbers, email addresses, SIM serial numbers, and IMEI numbers. The network said credit card information was not part of the breach because it does not store it. When it comes to passwords, Mint Mobile emphasized that it uses “strong encryption technology” to protect passwords. By doing this, the company hopes to reassure users that their passwords will not be compromised, but it also means hackers may have obtained hashed/encrypted passwords, which is not a great outcome for LastPass. There wasn’t.
The company assured customers that it is resolving the breach and working with cybersecurity experts. However, the exposed data is enough for threat actors to carry out her SIM swapping attacks. A SIM swap involves porting a person’s number to an attacker’s device, allowing them to reset passwords and gain unauthorized access to her online accounts through her OTP code. Mint Mobile reassured users that there is no need to take immediate action, but they do provide a dedicated customer support number for breach inquiries, so if you have major concerns about a breach, be sure to contact that number. need to do it.
This is the second major data breach that Mint Mobile has experienced in recent years, with the company also falling victim to a similar breach in 2021. That’s possible because at the time, an unauthorized attacker was performing his SIM swaps on a large number of users. There is a possibility here as well. In July, someone also claimed to sell Mint Mobile data on a hacking forum, but it’s unclear whether that’s legal and whether it’s related to this breach, including some It appears to contain the last four digits of your credit card number. orders, expiration dates, etc.
We’ll have to wait and see the full story, but in the meantime, if you have any concerns as a Mint Mobile customer, please contact the company’s support.
Source: Bleeping Computer, Reddit