Mint Mobile data breach allowed attacker to port phone numbers

An email sent on Saturday to affected customers by Mint Mobile discloses there was a breach of the carrier's systems. The breach, which occurred between June 8 and June 10, reveals a "very small number of Mint Mobile subscribers' phone numbers were affected by the incident.

According to Mint, phone numbers associated with the accounts were "temporarily ported to another carrier without permission," reports Bleeping Computer. Mint also admits the attacker may have gained access to some account information, including names, phone numbers, email addresses, passwords, and account numbers.

Mint did not say how the breach took place, but it is likely to have been a compromise of an application used by customer service agents. The carrier does advise customers who receive the email to change their account password, and to be vigilant of other accounts that uses the phone number for two-factor authentication purposes.

The attack on the carrier is the latest to demonstrate the need for high security for customer-facing support systems. In late June, Microsoft confirmed that the hacking group thought to be behind the SolarWinds breaches used a compromised customer service agent's computer to steal information, data later used to attack Microsoft's customers.

Keep up with everything Apple in the weekly AppleInsider Podcast — and get a fast news update from AppleInsider Daily. Just say, "Hey, Siri," to your HomePod mini and ask for these podcasts, and our latest HomeKit Insider episode too.

If you want an ad-free main AppleInsider Podcast experience, you can support the AppleInsider podcast by subscribing for $5 per month through Apple's Podcasts app, or via Patreon if you prefer any other podcast player.