fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Mint Mobile Hit By a Data Breach After Numbers Ported, Data Accessed

Mint Mobile Hit By a Data Breach After Numbers Ported, Data Accessed

Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers’ account information and ported phone numbers to another carrier.

According to the data breach notification email sent to affected subscribers this weekend, between June 8th and June 10th, a threat actor ported the phone numbers for a “small” number of Mint Mobile subscribers to another carrier without uthorization.

In addition to the ported number, Mint Mobile disclosed that an unauthorized person also potentially accessed subscribers’ personal information, including call history, names, addresses, emails, and passwords.

“Between June 8, 2021 and June 10, 2021, a very small number of Mint Mobile subscribers’ phone numbers, including yours, were temporarily ported to another carrier without permission,” Mint Mobile disclosed.

“While we immediately took steps to reverse the process and restore your service, an unauthorized individual potentially gained access to some of your information, which may have included your name, address, telephone number, email address, password, bill amount, international call detail information, telephone number, account number, and subscription features.”

Also Read: The DNC Singapore: Looking at 2 Sides Better

Mint Mobile data breach notification
Mint Mobile data breach notification
Source: Reddit

While Mint Mobile has not said how the threat actor gained access to subscribers’ information, based on the accessed data, it is likely that hackers hacked user accounts or compromised a Mint Mobile application used to manage customers.

As the threat actors may have gained access to your Mint Mobile password, it is strongly advised that you change your password on your account.

Furthermore, threat actors could have used the ported number additional attacks, such as phishing, or to gain access to 2-factor authentication codes sent via text message.

Due to this, Mint Mobile is warning affected users to “protect other accounts that use your phone number for validation purposes and to reset account passwords.”

USCellular disclosed a similar attack in January after threat actors scammed employees into download software that provided remote access to the company’s devices.

Using this remote access, the hackers used customer relationship management (CRM) software to access subscriber’s personal information and port their numbers.

Also Read: 4 Best Practices on How to Use SkillsFuture Credit

BleepingComputer has reached out to Mint Mobile for more information but has not heard back as of yet.

Thx to @CatgirlDev for the tip!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us