Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hackers Access Sprint Accounts via Samsung Website

US telecoms company Sprint has informed some customers that their Sprint accounts have been accessed by hackers via a Samsung website.

US telecoms company Sprint has informed some customers that their Sprint accounts have been accessed by hackers via a Samsung website.

In a letter sent out to impacted customers, Sprint said it learned of unauthorized access to accounts on June 22 and affected accounts were “re-secured” on June 25. The company said the attackers gained access to personal information via Samsung’s “add a line” website, which allows customers to add a new line of service to their plan.

According to Sprint, information such as name, phone number, billing address, device type, subscriber ID, account number, account creation date, monthly recurring charges, upgrade eligibility, and add-on services may have been compromised.

“No other information that could create a substantial risk of fraud or identity theft was acquired,” Sprint said.

The company claims it has not detected any fraudulent activity associated with impacted accounts, but it has warned customers that their PIN has been reset as it may have been compromised.

Samsung told CNET that the Sprint login credentials used to access accounts were not obtained from its own systems, which suggests that the attackers used credentials from a third-party breach and relied on the fact that many users set the same password for multiple online services.

“We deployed measures to prevent further attempts of this kind on Samsung.com and no Samsung user account information was accessed as part of these attempts,” Samsung said.

SecurityWeek has reached out to Sprint for more details about the attack and the number of impacted customers, but the company has yet to respond.

Advertisement. Scroll to continue reading.

“Even though the exact amount of Sprint customers affected is unknown, the company claimed 54.5 million customers in Q1 2019. For security and privacy reasons, every user should assume that his or her information may have been compromised in this breach,” said Ben Goodman, CISSP and SVP of global business and corporate development at ForgeRock. “The information exposed in this latest breach of Sprint’s customers can be combined with previously stolen data to create effective credential stuffing lists for brute force attacks on other accounts or even highly targeted phishing attacks. All of Sprint’s customers should take precautionary measures to protect other accounts by enabling multi-factor authentication (MFA) and changing login credentials.”

“Even if Sprint’s website was secure, the intruders gained unauthorized access via Samsung.com. The attack landscape is constantly expanding and organizations must be prepared to secure customer data by implementing security strategies and tools that respect customer privacy and prescribe real-time, contextual and continuous security that detect unusual behavior and prompt further action, such as identity verification via MFA,” Goodman added.

Earlier this year, Sprint subsidiary Boost Mobile warned an unspecified number of customers about unauthorized access to their accounts.

Related: T-Mobile Data Breach Hits Over 2 Million Customers

Related: Canadian Telecom Firm Freedom Mobile Exposed Customer Details

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.