Security News > 2021 > January > UScellular Breach Allowed Hackers to Port Customer Phone Numbers

UScellular Breach Allowed Hackers to Port Customer Phone Numbers
2021-01-29 16:35

Chicago-based wireless carrier UScellular started informing customers last week that their personal information may have been accessed and their phone numbers ported as a result of a cybersecurity breach.

Since employees were already logged into the CRM system, the attackers were able to access the CRM with the employee credentials and access wireless customer accounts and phone numbers.

"After accessing your account, a wireless number on your account was ported to another carrier by the unauthorized individuals," the company told customers in a data breach notice posted on its website.

UScellular said the attackers may have gained access to names, addresses, PIN codes, phone numbers, and information on wireless services, usage, and billing statements.

It's unclear why the attackers ported phone numbers, but taking control of someone's phone number can be highly useful to cybercriminals in some cases, particularly if they want to access an account protected with SMS-based two-factor authentication.

UPDATE: UScellular told SecurityWeek that only a "Small number" of customer accounts were impacted by the incident.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/I8bMGJ7eoKE/uscellular-breach-allowed-hackers-port-customer-phone-numbers