An unknown number of Sprint Corp. (NYSE: S) customers have had their personal info stolen by hackers. Sprint has confirmed that hackers were able to gain unauthorized access to some of its customer accounts via Samsung’s “add a line” website on June 22. The carrier said that it re-secured affected customer accounts three days after the breach on June 25.
The carrier has sent a letter to affected customers informing them of the breach. According to a statement from the company, The compromised information included the customers’ first and last name, phone number, device type, device ID, subscriber ID, account number, monthly recurring charges, account creation date, upgrade eligibility, billing address, and add-on services. The carrier said that credit card and social security numbers are encrypted and were not compromised during the breach.
Sprint says that it has taken appropriate action to secure the accounts of the affected customers from unauthorized access. The accounts were re-secured by resetting the account PIN. Sprint has not yet revealed the number of customers affected by the breach.
Samsung has confirmed that its website was used for fraudulent attempts to access Sprint user account information. The company said it has already enacted measures to prevent any such fraudulent attempts in the future. It also said that the Sprint login credentials used were not obtained from its website. No Samsung user account information was accessed as part of the hacking attempts.
This latest attack comes just four months after a data breach compromised user accounts from Sprint-owned Boost Mobile. That hacking breach was disclosed in May. Hackers apparently breached the accounts using Boost’s website PIN numbers and Boost phone numbers.
Sprint is currently the fourth-largest mobile network in America. The company is seeking a merger with T-Mobile, which is the third-largest mobile network. If the merger is successful, it would create a network that covers more than 126 million customers in the U.S.