A data breach has been confirmed by Google Fi, the company that runs Google’s mobile network, and it’s likely connected to the recent security incident at T-Mobile that allowed hackers to steal the personal information of millions of users.
The primary network provider for Google Fi recently alerted the company that there had been suspicious activity relating to a third party support system containing a “limited amount” of Google Fi customer data, according to an email sent to customers on Monday and obtained by TechCrunch.
The timing of the notice and the use of T-Mobile and U.S. Cellular by Google Fi for network connectivity raise the possibility that the breach is connected to the most recent T-Mobile hack. Billing addresses, dates of birth, and T-Mobile account information were among the personal information belonging to 37 million customers that was exposed in this breach, which was made public on January 19. The incident was the eighth hacking incident against T-Mobile since 2018.
Limited customer information was accessed in the Google Fi breach, according to Google, including phone numbers, account status, SIM card serial numbers, and details about the customers’ mobile service plans, such as whether they chose unlimited SMS or international roaming.
According to Google, the hackers did not steal users’ passwords, PINs, payment card information, personal information, or the contents of text messages or phone calls.
One Google Fi customer claimed in a Reddit post that their disclosure stated that their phone number had briefly been hijacked, a practice known as SIM swapping, despite the fact that some emails informed customers that “no action is required.” According to reports, Google informed the client that the unauthorized party had their phone number for nearly two hours and “could have involved the use of your phone number to send and receive phone calls and text messages.” Using this method, hackers can access a victim’s other online accounts that are secured by the same phone number, albeit one that has been taken over.
TechCrunch contacted Google to inquire about its ability to confirm that the incident was related to the recent T-Mobile data breach, but has not yet heard back. How many Google Fi subscribers have been impacted by the breach is not immediately clear. The total number of cell subscribers that Google has is unknown.
The business informed customers via email that it is collaborating with the network provider—which has not yet been named—to “identify and implement measures to secure the data on that third-party system and notify everyone potentially impacted.” It further stated that no access to Google’s systems or any systems under Google’s control existed.