Sprint says hackers breached customer accounts
"Information such as customers' account Personal Identification Numbers (PINs) may have been compromised, however credit card and social security numbers are encrypted and were not compromised," Sprint said in a statement for CNET.
Sprint told customers in a letter that the breach occurred on June 22nd and specified that the hack revealed customers' first and last name, billing address, phone number, subscriber ID, account number, device type, device ID, monthly charges, account creation date, upgrade eligibility and any add-on services. While this is a lot of information, Sprint claims this is not enough information that would pose a substantial risk for fraud or identity theft, but some people would disagree with such an assessment. The hack happened via the Samsung "add a line" website.
Samsung also came up with a statement saying the following: "We recently detected fraudulent attempts to access Sprint user account information via Samsung.com, using Sprint login credentials that were not obtained from Samsung. We deployed measures to prevent further attempts of this kind on Samsung.com and no Samsung user account information was accessed as part of these attempts."