Skip to main content

Hackers used Samsung website to access Sprint’s customer data

Sprint Corporation, an American telecommunications company has announced that it has suffered a data breach after unknown hackers accessed customer accounts credentials using the Samsung.com “add a line” website.
Originally, the company was informed about the breach on June 22nd, 2019. The personal information which was accessed in the incident included full names, phone numbers, billing address, device ID,  device type, subscriber ID, account creation date, account number, monthly recurring charges, upgrade eligibility and add-on services.
Although, it is unclear how many customers have been impacted, the breach notification notice [PDF] sent to customers stated that “Your account PIN may have been compromised, so we reset your PIN just in case in order to protect your account.”
The company further said that all targeted accounts were re-secured on June 25, 2019.
“Sprint has taken appropriate action to secure your account from unauthorized access and has not identified any fraudulent activity associated with your account at this time,” the company claimed.
Sprint has apologized for the breach and urged that customers should follow preventative measures recommended by the Federal Trade Commission (FTC).
“As a precautionary measure, we recommend that you take the preventative measures that are recommended by the Federal Trade Commission (FTC) to help protect you from fraud and identity theft. These preventative measures are included at the end of this letter. You may review this information on the FTC’s website at www.ftc.gov/idtheft andwww.IdentityTheft.gov or contact the FTC directly by phone at 1-877-438-4338 or by mail at 600 Pennsylvania Avenue, NW, Washington, DC 20580.”
Sprint is also asking customers to follow below-mentioned steps to keep their accounts protected from malicious access:
1. Place a fraud alert on your credit reports, and review your credit reports.
2. Close the accounts that you believe have been tampered with or opened fraudulently.
3. File a report with your local police or the police in the community where the identity theft took place.
4. Visit the Federal Trade Commission’s Identity Theft website, IdentityTheft.gov, or for more information on reporting and recovering from identity theft.
5. Contact your state’s Attorney General or Consumer Protection Agency for more information on reporting and recovering from identity theft.
This, however, is not the first time when Sprit has suffered a data breach. In May this year, Sprint-owned virtual mobile network operator Boost Mobile informed its customers that it suffered a data breach allowing hackers to access some user accounts – The total number of impacted customers was not shared with the public.
Labels:

Comments

Post a Comment

Popular posts from this blog

List Of Sql Infected Sites-HACKEREAD

SQL injection  is a  code injection  technique, used to  attack  data-driven applications, in which malicious  SQL  statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).  SQL injection must exploit a  security vulnerability  in an application's software, for example, when user input is either incorrectly filtered for  string literal   escape characters  embedded in SQL statements or user input is not  strongly typed  and unexpectedly executed. SQL injection is mostly known as an attack  vector  for websites but can be used to attack any type of SQL database. List of SQL Infected sites:  http://www.genhound.co.uk/source.php?id=477 http://www.lcoastpress.com/journal.php?id=8 http://www.travellers-tales.co.uk/travelJournal.php?id=42 http://www.arrowvalves.co.uk/content.php?id=8 http://www.reaplasrack.co.uk/content.php?id=129 http://www.arrowval...
Post a Comment
Read more

Google dork list for XSS (Cross- site scripting)-2020

GOOGLE DORK LIST FOR Cross-site scripting -2020 Google Dorks  its also known as google query ,List “Google Hacking” is mainly referred to pull the sensitive information from Google using advanced search terms that help users to search the index of a specific website, specific file type and some interesting information from unsecured Websites. Google Dorks list  2020 can uncover some incredible information such as email addresses and lists, login credentials, sensitive files, website vulnerabilities, and even financial information (e.g. payment card data). Here you can see an example to understand how  Google Darks   password  used by hackers to gain sensitive information from specific websites. You can also use for Exploit DB site to give you according to you Search state. https://www.exploit-db.com/ “ inurl: domain/ ” “ additional dorks A hacker would simply use in the desired parameters as follows: inurl = the URL of a site you want...
Post a Comment
Read more

Popular Android Zombie game phish users to steal Gmail credentials

The app made its way to Google Play Store was also found phishing users for Facebook credentials. Scary Granny ZOMBY Mod: The Horror Game 2019 is the latest game on Google Play Store that is condemned by the digital security fraternity for sneakily stealing personal data from unsuspecting users. The game, which has been downloaded for over 50,000 times, was available for Android devices making Android users its primary target. The malicious app attempts to collect sensitive information such as Facebook and Gmail login credentials. The malicious activities of Scary Granny ZOMBY Mod were detected by the mobile security firm Wandera. The company found out that the app asks users to enter their Gmail or other Google account credentials, which are then used for collecting private data of the user by hijacking the account –  All of this happens, unsurprisingly, without alerting the user. Gmail phishing page on the supposed gaming app (Screenshot: Wandera) Rese...
Post a Comment
Read more