UScellular Experiences a Major Data Breach

Posted on by Dawna M. Roberts in News February 12, 2021

The Bleeping Computer reported on January 28 that UScellular suffered a major data breach after hackers accessed its CRM software system.

Who is UScellular?

UScellular is an American mobile network operator. They are based out of Chicago, Illinois, and are the fourth largest wireless network in the country. They have roughly 4.9 million customers across 23 states.

U.S. Cellular was founded in 1983 as a subsidiary of Telephone and Data Systems Inc., which still owns 84% of the company. On September 24, 2020, they rebranded their name as UScellular and changed their logo.

What Happened?

In a report filed with the Vermont Attorney General’s office, the attack occurred on January 4. According to the details, the hackers targeted employees who had access to its customer CRM software and tricked them into downloading software. Only a handful of employees were scammed, but it was enough for hackers to install malware and gain access to customer information.

These types of incidents often involve scams using the ruse of IT or customer service professionals providing assistance. The employees believe they are legitimate and therefore follow the instructions provided. The report filed with the Vermont Attorney General does not specify how the attack was carried out, just that it occurred.

Although the attack was spotted on January 6, only two days, attackers had plenty of time to exfiltrate customer data.

The data breach included customers’ names, addresses, cell phone numbers, details of their wireless plan, and PINs used to access their account. Hackers may also have had access to billing information. Unfortunately, hackers used some of this information to port these customer phone numbers to other carriers for their own personal use.

Once hackers gained full access to the stolen mobile number, they could essentially use it to spoof two-factor authentication and breach other online accounts. Alarmingly for the customers, this could also allow hackers to breach customer photos, SMS messages, and other sensitive and private data.

How Did UScellular Respond?

Upon learning about the incident, UScellular took quick action and secured the infection. They also immediately changed all PINS, security questions, and answers, along with passwords for account access, for those customers affected. UScellular also alerted all affected customers and informed them about taking additional security precautions.

UScellular commented in their data breach notification that “On January 6, 2021, we detected a data security incident in which unauthorized individuals may have gained access to your wireless customer account and wireless phone number. A few employees in retail stores were successfully scammed by unauthorized individuals and downloaded the software onto a store computer.

Since the employee was already logged into the customer retail management (“CRM”) system, the downloaded software allowed the unauthorized individual to remotely access the store computer and enter the CRM system under the employee’s credentials.”

They further explained what the data breach covers with “As indicated above, your customer account was impacted in this incident. Information about your customer account includes your name, address, PIN code, and cellular telephone numbers(s) as well as information about your wireless services, including your service plan, usage, and billing statements known as Customer Proprietary Network Information (“CPNI”).”

They did reassure the public and customers that no social security numbers or credit card details were accessed.

Safety Precautions for Affected Customers

Customers involved in the data breach should be extra watchful for any scams, blackmail schemes, and other types of fraud. They should also:

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagram’s c... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien” is ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the country, ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% of the... Read More

Scan Your Records for Breaches, Leaks & Exposures!