In late June, hackers managed to access an unknown number of Sprint accounts by exploiting a security loophole on Samsung’s “add a line” website, according to a new report from ZDNet.

According to Sprint, which sent out a letter to impacted subscribers, some of the information possibly accessed by the hackers includes the following: first and last names, phone numbers, billing addresses, device type, subscriber ID, account number, account creation date, upgrade eligibility, add-on services, and more.

Sprint was made aware of the hack on June 22 and reset the pin numbers of impacted users just a few days later. Sprint also made a point of emphasizing that the information accessed by the hackers shouldn’t create a “substantial risk of fraud or identity theft.”

What remains unclear, though, is how long the hackers had unfettered access to the information above. Sprint referenced the date they were made aware of the attack, but didn’t provide information as to how long its data may have been vulnerable.

In a statement provided to CNET, a Sprint spokesperson said the following:

We recently detected fraudulent attempts to access Sprint user account information via Samsung.com, using Sprint login credentials that were not obtained from Samsung. We deployed measures to prevent further attempts of this kind on Samsung.com and no Samsung user account information was accessed as part of these attempts.

A life long Mac user and Apple enthusiast, Yoni Heisler has been writing about Apple and the tech industry at large for over 6 years. His writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and most recently, TUAW. When not writing about and analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions, the most recent examples being The Walking Dead and Broad City.