Customers of Google Fi have been notified via email of “suspicious activity” that may have seen some lower-risk data exposed.
Somewhat ironically, Google Fi promises to be a “private and secure” phone plan that gives its subscribers access to unlimited data, end-to-end call encryption, VPN access, and more, for $50 per month (for one user).
Maybe less secure, though, is its “primary network provider” which informed Google that a “third party system that contains a limited amount of Google Fi customer data” was at risk. The unidentified network provider is likely to be T-Mobile, given that it supports a large portion of the Google Fi network and also experienced a data breach around the same time.
TechRadar Pro needs you!
We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.
D. Athow, Managing Editor
Google Fi data breach
Google told its customers that data including account activation, mobile service plan details, SIM card serial numbers, and account status, are among the key areas said to be at risk.
It stresses that personally identifiable information is excluded from the breach, so anything from a customer’s name, contact details, and date of birth, to financial information and login credentials, should all be safe.
Google’s incident response team says that Google’s systems were not compromised, but that it has worked with the “primary network provider” to implement security measures.
Customers do not need to do anything, and their services continue to work as usual.
Despite this, one Reddit user claims to have received an email from Google Fi notifying them that their mobile phone service had been transferred from their SIM card to another for almost two hours.
The author discusses how their primary email account, a financial account, and an authenticator app had all been accessed by a hacker, who may have been able to bypass any SMS-based authentication and gain access to personal accounts.
Google did not immediately respond to TechRadar Pro’s request for comment on the matter.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!