Google Fi hit by data breach following T-Mobile hack
>
Google Fi customers have been notified via email of “suspicious activity” that may have exposed lower-risk data.
Somewhat ironically, Google Fi promises to be a “private and secure” phone plan that gives its subscribers access to unlimited data, end-to-end call encryption, VPN access, and more, for $50 per month (for one user).
Perhaps less secure, however, is the “primary network provider” who informed Google that a “third-party system containing a limited amount of Google Fi customer data” was at risk. The unknown network provider is likely T-Mobile as it supports much of the Google Fi network and also experienced a data breach around the same time.
Google Fi data leak
Google told its customers that data, including account activation, mobile plan details, SIM card serial numbers, and account status, are among the top areas at risk.
It highlights that personally identifiable information is excluded from the breach, so everything from a customer’s name, contact details and date of birth, to financial information and login details, should all be secure.
Google’s incident response team says Google’s systems have not been compromised, but it has worked with the “primary network provider” to implement security measures.
Customers do not have to do anything and their services continue to work.
Despite this, a Reddit (opens in new tab) user claims to have received an email from Google Fi stating that their cell phone service was switched from their SIM card to another for almost two hours.
The author discusses how their primary email account, a financial account, and an authentication app were all accessible to a hacker, who could potentially bypass any SMS-based authentication and gain access to personal accounts.
Google did not immediately respond to TechRadar Pro’s request for comment on the matter.
Through 9To5Google (opens in new tab)