Incident & Breach Response , Security Operations

UScellular Customer Data on Hacker Forum

Data Leaked From a Third-Party Vendor
UScellular Customer Data on Hacker Forum
Image: UScellular

U.S. wireless telecom UScellular says a data breach at a third-party vendor resulted in a leak of 52,000 names and email addresses.

See Also: 2023 Exabeam State of Threat Detection, Investigation, and Response Report

The company confirmed that data from the leak is available for download on a criminal data breach forum. The regional carrier serves roughly 5 million customers, and its largest geographical spread of wireless coverage is in the American Midwest.

The hacker behind the breach did not directly target UScellular's system but obtained data through a third-party service provider, a spokesperson for UScellular told Information Security Media Group.

"We have been made aware of a recent security incident at a former third-party vendor resulting in unauthorized access to now out-of-date UScellular customer data. Our relationship with this third-party vendor was for a limited time," the spokesperson added.

The data set is freely available for download on a popular hacker forum as seen by ISMG. A user named "IntelBroker" listed the entire data set of 144,000 entries with a disclaimer for those interested in downloading the data, stating it consists of multiple duplicate records that need filtering.

The spokesperson told ISMG that the data included names, email addresses and other account information but not Social Security numbers, credit card numbers or other sensitive data.

The data set published on the hacker forum does include other sensitive information, such as customer subscriber ID, subscriber and account keys, account activation date, device manufacturer and model, account balance, and whether the user is enrolled in autopay and/or has an insurance policy on their device.

In December 2021, a breach exposed UScellular's customer and employee data (see: UScellular: Hackers Accessed Customer Data).

UScellular's spokesperson said the two incidents are unrelated.

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.