Mint Mobile says that customers are not required to take any further action after Mint said that it has fixed "the underlying issue." Mint Mobile sent out emails to affected customers pointing out that information like social security numbers and driver license numbers are not collected by Mint so that data is not part of the data breach.
On the other hand, with the stolen SIM serial number, an attacker can switch the victim's phone number to another device controlled by the attacker. This allows the criminal to sign in to banking, securities, and other financial apps belonging to the Mint Mobile customer by hijacking OTPs (one-time passwords that are sent to verify a user's identity) and using them to sign into these apps to take control of credit cards, stocks, cash, and other personal property.
It is important to point out that as of now, there is no sign that this data breach has led to SIM swap attacks against Mint Mobile subscribers.
Mint Mobile notified affected customers about the data breach by sending out an email
As an MVNO, Mint Mobile does not own any cell towers or wireless networks of its own. It essentially resells service from T-Mobile at a profit. If you're a Mint Mobile customer and received the email from the company disclosing the data breach, chances are that your personal data has been compromised. Mint Mobile set up a special customer service number for those with questions about the data breach. That number is (949) 704-1162.
To prevent a repeat of this incident, Mint Mobile says that it is partnering with "independent security experts."
ncG1vNJzZmivp6x7sbTOp5yaqpWjrm%2BvzqZmp52nqHyutc2tZKankp65pnnDmquaZZKnsqKvx5ignWllaIVxfw%3D%3D