Security News > 2023 > February > Google Fi data breach let hackers carry out SIM swap attacks
Google Fi, Google's U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its primary network providers, with some customers warned that it allowed SIM swapping attacks.
Google sent notices of a data breach to Google Fi customers this week, informing them that the incident exposed their phone numbers, SIM card serial numbers, account status, account activation date, and mobile service plan details.
The exposed technical SIM data allowed threat actors to conduct SIM swap attacks on some Google Fi customers, with one customer reporting that the hackers gaining access to their Authy MFA account.
As the Google Fi data breach includes phone numbers, which can easily be linked to a customer's name, and the serial number of SIM cards, it would have made it even more convincing when contacting a mobile customer support representative.
Google sent a separate notice to customers impacted by SIM swap attacks, disclosing that the attackers managed to port their numbers to another SIM for a short time.
"On January 1, 2023, for about 1 hour 48 minutes, your mobile phone service was transferred from your SIM card to another SIM card. During the time of this temporary transfer, the unauthorized access could have involved the use of your phone number to send and receive phone calls and text messages. Despite the SIM transfer, your voicemail could not have been accessed. We have restored Google Fi service to your SIM card." - Google.
- A10 Networks confirms data breach after Play ransomware attack (source)
- Pepsi Bottling Ventures suffers data breach after malware attack (source)
- LA housing authority discloses data breach after ransomware attack (source)
- Hitachi Energy confirms data breach after Clop GoAnywhere attacks (source)
- Dole discloses employee data breach after ransomware attack (source)
- GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom (source)
- Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts (source)
- Hackers use new IceBreaker malware to breach gaming companies (source)
- North Korean hackers stole research data in two-month-long breach (source)
- GoAnywhere MFT zero-day vulnerability lets hackers breach servers (source)