Mint Mobile Discloses New Data Breach Exposing Customer Data (bleepingcomputer.com) 14
Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. From a report: Mint is a mobile virtual network operator (MVNO) offering budget, pre-paid mobile plans. T-Mobile has proposed paying $1.3 billion to purchase the company. The company began notifying customers on December 22nd via emails titled "Important information regarding your account," stating that they suffered a security incident and a hacker obtained customer information.
"We are writing to inform you about a security incident we recently identified in which an unauthorized actor obtained some limited types of customer information," warns the Mint Mobile data breach notification. "Our investigation indicates that certain information associated with your account was impacted."
"We are writing to inform you about a security incident we recently identified in which an unauthorized actor obtained some limited types of customer information," warns the Mint Mobile data breach notification. "Our investigation indicates that certain information associated with your account was impacted."
Suspect #1 (Score:5, Funny)
"we recently identified in which an unauthorized actor.."
Was it Ryan Reynolds?
Re: (Score:2)
Are they even going to give me a year or two of free credit checks or whatnot? Isn't that the typical price companies charges themselves for having a data breach these days? LOL.
Re: (Score:2)
He spent all the security budget on Aviation Gin.
we keep hearing about data breaches (Score:5, Interesting)
Re: (Score:2)
This data is worth close to fuck all on the open market compared to potential value destruction of being caught. I'm all for a good conspiracy theory, but this conspiracy requires a truly insane amount of stupidity given the company is worth $1.35bn, stands to lose considerable value due to bad PR and potential legal implications compared to the pathetically small revenue it would generate.
Re: (Score:1)
It is a way to "sell" data and not get caught. That data is worth a substational amount, especially call logs and stuff on journalists and people that governments are chasing after, like China. A nation-state will easily pay a significant part of the company's worth if they could capture someone in another country who is a thorn in their side, or perhaps go after that person's family members.
It doesn't really take much for a compromise like this, especially if the company isn't doing much in security. Co
Re: we keep hearing about data breaches (Score:2)
Nope, no need for conspiracy theories. The average ITer is not capable of identifying and resolving security issues, so you leave it to a special department just to have a fall guy if something goes wrong. The cost of remediating often 20+ years of neglect is simply too high, you lose a million records, it costs you $2M in identity protection and you donâ(TM)t have to disclose anything for the next 2 years. There are very few competent people in this industry and few peoples are willing to accept they
"Good fit for company culture" (Score:2)
They must be practicing for when T-Mobile buys them.
And Intuit is sunsetting Mint to their other site (Score:2)
with far less features.
Time to set up 2FA if you are a customer (Score:2)
TFS states that the data includes the necessary details to transfer your cell phone number to another phone. Since this can allow a hacker almost unlimited access to many of your other accounts, I would be setting up 2FA immediately if I had Mint Mobile. I can see multiple people on Mint Mobile getting their bank and investment accounts drained due to this type of breach.