Hackers broke into Sprint accounts through Samsung's website

It's unclear how many people were affected.

Sponsored Links

Ronen Tivony/SOPA Images/LightRocket via Getty Images
Ronen Tivony/SOPA Images/LightRocket via Getty Images

Sprint's security team is having a very, very lousy 2019. On top of the earlier Boost Mobile breach, the carrier has revealed that hackers obtained "unauthorized access" to an unspecified number of Sprint accounts through Samsung's "add a line" website. The provider said that the data didn't pose a "substantial risk" for fraud or identity theft and didn't include credit card or social security numbers, but there's still good reason for concern. Intruders may have seen names, billing addresses, phone numbers, device IDs and account numbers, among other sensitive details.

The network found out about the breach on June 22nd, and reset PIN codes for all the affected accounts on June 25th. In a statement to CNET, Samsung said the attempts were using Sprint login details that "were not obtained from Samsung." The phone maker also rolled out additional "measures" to reduce the chance of future breaches.

We've asked Sprint for more info, including when it believes the breach took place, the number of affected users and whether or not there's evidence the account data was changed or used. The access through Samsung's portal suggests the scale was limited (it's not the same as attacking Sprint directly). Regardless, it's really not what the network likely wanted to report -- especially not with its T-Mobile merger already hanging in the balance.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget