Click to Skip Ad
Closing in...

Sprint says hackers used Samsung’s website to access customer account data

Published Jul 16th, 2019 11:59PM EDT
Sprint Hack
Image: Cultura/REX/Shutterstock

In late June, hackers managed to access an unknown number of Sprint accounts by exploiting a security loophole on Samsung’s “add a line” website, according to a new report from ZDNet.

According to Sprint, which sent out a letter to impacted subscribers, some of the information possibly accessed by the hackers includes the following: first and last names, phone numbers, billing addresses, device type, subscriber ID, account number, account creation date, upgrade eligibility, add-on services, and more.

Sprint was made aware of the hack on June 22 and reset the pin numbers of impacted users just a few days later. Sprint also made a point of emphasizing that the information accessed by the hackers shouldn’t create a “substantial risk of fraud or identity theft.”

What remains unclear, though, is how long the hackers had unfettered access to the information above. Sprint referenced the date they were made aware of the attack, but didn’t provide information as to how long its data may have been vulnerable.

In a statement provided to CNET, a Sprint spokesperson said the following:

We recently detected fraudulent attempts to access Sprint user account information via Samsung.com, using Sprint login credentials that were not obtained from Samsung. We deployed measures to prevent further attempts of this kind on Samsung.com and no Samsung user account information was accessed as part of these attempts.

Yoni Heisler Contributor

Yoni Heisler has been writing about Apple and the tech industry at large for over 15 years. A life long Mac user and Apple expert, his writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and TUAW. When not analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions.