USCellular Hacked – Hackers Gained access to its CRM Software

USCellular is one of the mobile network operators that protect its customer’s privacy and strictly follows all its protection policies. But, recently, the USCelluar has encountered a data breach in which the hackers managed to get access to its CRM and customers’ accounts.

USCellualar is taking all its steps to safeguard the personal information of its customer and asserted that retail store operators were scammed into downloading its software onto a computer.

What happened?

The experts have detected a data breach on the 6th of January 2021 and reported that in this data breach, they had detected some unauthorized individuals who have gained access to the customer’s account and wireless phone number.

But, there are some employees who are from a retail shop, and they were successfully got hacked by unauthorized hackers and later have downloaded the software onto a store computer.

This system will eventually allow the threat actors to operate the store’s computer and can steal all the credentials of the customer and can also enter the CRM system.

Data involved 

The data that was involved in the data breach are mentioned below:- 

  • Address
  • PIN Code
  • Cellular telephone number

Information regarding the wireless service includes:-

  • Service Plan
  • Usage
  • Billing Statement

Moreover, this data breach also involves some sensitive personal information:-

  • Social Security number
  • Credit card number

What USCellular is doing?

After getting known about the data breach, the USCellular is trying to take all the steps to prevent all the information from being disclosed by the threat actors. The computer that are being accessed by the threat actors were removed immediately so that the experts can prevent further fraudulent activity on customer account.

USCellular has immediately changed the authorized contact PIN and security question answer of the customers that were being hacked by the threat actors. Moreover, USCellular has reported this data breach to law enforcement along with the Federal Communication Commission.

Security measures you can take 

As a security measure, the first thing is to reset your “My Account” password by going to the My account option. Not only this, but the customer can directly contact the USCellular to change your PIN on the USCellular my account and security question/answer.

Experts suggested that every user must create a strong password by avoiding sequences, repetition, and mirroring personal information such as social security number or date of birth.

After learning of the attack, USCellular separated the infected computer and reset the employee’s passwords. However, all the affected customers should be on the scene for targeted phishing scams seizing information that are stolen from the CRM.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.