US mobile network operator Sprint has experienced a serious data breach affecting an unknown number of customers whose accounts were accessed by an unidentified third party via the Samsung.com “add a line” website. The company has reset all impacted accounts.
According to Sprint, the compromised information includes “phone number, device type, device ID, monthly recurring charges, subscriber ID, account number, account creation date, upgrade eligibility, first and last name, billing address and add-on services.” The firm claims that the breach does not pose “a substantial risk of fraud or identity theft,” but this ignores the fact that the data can most definitely be used by threat actors to launch a various types of cyber attacks and fraud campaigns.
Read more: Sprint says hackers breached customer accounts via Samsung website