Google is in the process of telling Google Fi customers that their data was stolen as part of the T-Mobile breach earlier this month.
Good Jan 5, a hacker breached T-Mobile’s network and stole data from 37 million customer accounts. Google Fi uses T-Mobile’s network for the majority of its connections, and it seems the hacker was therefore able to access Google Fi customer data as well.
The Google Fi team emailed customers yesterday to inform them “there has been suspicious activity relating to a third party system that contains a limited amount of Google Fi customer data.” The information stolen includes:
-
phone number
-
SIM card serial number
-
when an account was activated
-
account status (active, inactive)
-
mobile service plan details (eg unlimited SMS, international roaming)
No Google systems were accessed directly during the data breach and no customer personal information was taken beyond what’s listed above.
Google was keen to point out in the email that the data stolen “does not contain your name, date of birth, email address, payment card information, social security number or tax IDs, driver’s license or other form of government ID, or financial account information, passwords or PINs that you may use for Google Fi, or the contents of any SMS messages or calls.”
Recommended by Our Editors
Any customer receiving this email from Google Fi needs to be alert for phishing attempts. The hacker got just enough information that someone could sound quite convincing on a call or in an email.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.