Security & Fraud

Boost Mobile Notifies Customers Of Hacking Attack

Boost Mobile, a network owned by Sprint, has notified customers of a hacker attack that accessed an unknown number of accounts, according to a report. The company sent out a notification to its customers about the incident.

“On March 14, 2019, Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” the company said. “The Boost Mobile fraud team discovered the incident and was able to implement a permanent solution to prevent similar unauthorized account activity.”

The company did not explain how hackers gained access to customer PINs and did not specify many people were affected.

Boost did notify the California attorney general, which is required by law if more than 500 people are affected by the same incident. The company reportedly had 15 million customers last year.

The hackers used the phone numbers and account PINs to break into customer accounts on the Boost website. A common hacking strategy, called a credential stuffing attack, is to automate the account logins using lists of exposed credentials. Boost said it sent affected customers a text with a new temporary pin.

“Boost Mobile sent you a text notifying you that a new temporary PIN code had been established for your account with a link to the Boost.com site so you could change your PIN code and a contact number to call if you had questions,” the company said. “If you have already changed your PIN code, there is no further action necessary. If you have not reset your PIN code, we recommend that you reset it now. As a reminder, we recommend that PIN codes such as 1234 or 1010 are to be avoided.”

The company apologized to its customers and offered tips on how to deal with fraud: “We apologize for the inconvenience that this may cause you. Please be assured that our customers’ privacy is important to us and we will continue to take measures to safeguard your account and personal information. Please contact Boost Mobile Customer Care at 1-866-402-7366 if you have any questions or concerns regarding this matter,” the company said.

——————————

PYMNTS LIVE ROUNDTABLE: TUESDAY, JULY 14, 2020 AT 12:00 PM (ET)

Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

TRENDING RIGHT NOW