Hackers hit Chicago-based mobile network operator US Cellular, and the company reported that threat actors figured out a way to trick employees into running malware software in a few stores. Now, data of 52,000 people has been dumped, for free, on a hacking forum.
Tricking employees into running software, opening attachments or clicking on malicious links is straight from the hacker playbook. Circumventing security solutions and the network infrastructure is almost impossible, so attackers hit the next vulnerable link, the human sitting between the keyboard and chair. Why bother defeating layer upon layer of protection when you can have someone open the door?
According to a Security Media Group report, that’s exactly what the hackers did. They tricked employees of a third-party service provider, and they were in.
"We have been made aware of a recent security incident at a former third-party vendor resulting in unauthorized access to now out-of-date US cellular customer data. Our relationship with this third-party vendor was for a limited time," said a US cellular spokesperson.
There's a thin silver lining to this entire story, according to the spokesperson. The attacker only managed to get their hands on names, email addresses and a few other types of account information. Other stuff, such as Social Security and credit card numbers, are not part of this data breach.
The Security Media Group report also includes the fact that a user by the name "IntelBroker" posted the database, containing 144,000 entries, on a well-known forum. Unfortunately, that database does contain some private information, including customer subscriber ID, subscriber and account keys, account balance, and a few other things that don't belong on a public forum.
Want to stay on top of data breaches and leaks? Consider using Bitdefender’s Digital Identity Protection service that helps you manage and control your digital footprint. Our dedicated privacy tool automatically searches for any leaked personal data online (including the dark web), sending you real-time alerts when any of your private information has been exposed.
If you’re worried about malicious actors or fraudsters abusing your identity and financial information, check out our new Bitdefender Identity Theft Protection plans (available for US only) that offer real-time data breach monitoring and fraud monitoring, among many other perks, to protect against identity theft.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsDecember 27, 2024
December 24, 2024
December 19, 2024