US carrier admits it's been hacked two months ago
According to the notification posted by Boost Mobile this week, the data breach happened on March 14 and hackers gained access to an unknown number of customer accounts.
In a worst case scenario, the data breach might have given hackers access to all 15 million customers that Boost Mobile had back in 2018. Apparently, hackers have used phone numbers and account PINs to break into customers accounts using Boost Mobile's website.
Unfortunately, these codes can be used to modify account settings, which allowed hackers to automate account logins using lists of exposed usernames and passwords (phone numbers and PIN codes in this case). If you're a Boost Mobile customer, you should receive a text with a temporary PIN, if you haven't already.