February 1, 2023

In an email to customers affected by an unauthorized access, Google has informed users of its mobile phone network, Google Fi that their data had been stolen.

The information came from a third-party system at Google Fi’s “primary network provider,” according to Google’s email. Google also stated that the primary network provider for Google Fi recently informed the company of suspicious activity involving a third-party support system containing a “limited amount” of Google Fi customer data.

According to Google, the compromised system is used for customer support and stores “limited data,” such as when a customer’s account was activated, information about the plan, the SIM card serial number, and whether the account is active or inactive.

Customers name, date of birth, email, payment information, Social Security number, tax ID, driver’s license number, or other government ID information, financial information, passwords, PINs, or text message and call data are not included in the data.

While some emails told customers that there is “no action required,” others said that their phone number had been briefly hijacked, known as SIM swapping. But Google added that it is working with the network provider to “identify and implement measures to secure the data on that third-party system and notify everyone potentially impacted.”

The warning, as well as the fact that Google Fi uses T-Mobile and US Cellular for network connectivity, appears to suggest that the breach is related to the most recent T-Mobile hack. This breach, which was disclosed on January 19, gave hackers access to a plethora of personal data belonging to 37 million customers, including billing addresses, dates of birth, and T-Mobile account information.

The sources for this piece include an article in TechCrunch.