Uber, the car-hailing and food-delivery giant, suffered through two high-profile data breaches last year. With that in mind, let’s look at some of the biggest hacks from last year to hopefully learn something from them. Let us know if you enjoyed reading this news on LinkedIn Opens a new window, Twitter Opens a new window, or Facebook Opens a new window. In its email, Google said it worked with the “primary network provider” and identified and implemented measures to secure the data and notified everyone impacted. Security measures should be reviewed on a regular basis and consideration, up to and including termination of contracts, must be made when a subcontractor fails to protect your data.” “No matter whom you are contracting services from, it’s important to understand the risks which you then accept as part of that partnership. If bad actors are able to SIM swap or receive these messages in place of the user, it can render the protection otherwise provided by MFA useless,” Kron continued.
“Cellular networks are very concerning when it comes to a breach as many people protect financials using Multi-Factor Authentication (MFA) through SMS messages. It is unclear how many other Google Fi customers faced similar emails. We have restored Google Fi service to your SIM card,” Google’s notification Opens a new window to the user reads. Despite the SIM transfer, your voicemail could not have been accessed. During the time of this temporary transfer, the unauthorized access could have involved the use of your phone number to send and receive phone calls and text messages. “On January 1, 2023, for about 1 hour 48 minutes, your mobile phone service was transferred from your SIM card to another SIM card. However, Google’s email to one customer revealed that the hackers could target them in a SIM-swapping attack for a better part of two hours. See More: Data Is a Candy Store for Hackers: What the Private Sector Must Learn About Protecting Sensitive DataĬomparatively, in the T-Mobile breach, the threat actor(s) accessed names, billing addresses, emails, phone numbers, dates of birth, T-Mobile account numbers and other information, including the number of lines on the account and plan features. Customer names, emails, payment card or financial account information, social security numbers, tax or government IDs, passwords and message contents have not been compromised.
Google data breach 2022 serial#
“Given the history of breaches related to T-Mobile, it would have been wise for Google to require additional and more stringent security measures than perhaps T-Mobile currently has in place.”ĭata that was compromised includes the phone numbers, SIM card serial number, when the account was activated, account status (whether active or inactive), and mobile service plan details (whether unlimited SMS, international roaming, etc.). While this practice is fairly common, when issues arise, the results can still be significant.” Connect the dots, and it is reasonably clear that the incident is related to the January 2023 T-Mobile breach, the carrier’s eighth since 2018.Įrich Kron, security awareness advocate at KnowBe4, told Spiceworks, “This is another example of where subcontracting services to others can result in problems for the main organization. However, there has been no breach at US Cellular, the other carrier that Google leverages for Fi. Google did not spell out the T-Mobile breach as the cause of the breach of its mobile virtual network operator (MVNO) service.
In an email to Google Fi users, the company apprised users of the breach relating to a “third party.” The breach comes nearly two weeks after the breach of 37 million customers of T-Mobile, Google’s primary cellular network provider. This week, Google confirmed a breach of customer data.
0 kommentar(er)
