USCellular Hit by a Data Breach After Hackers Access CRM Software


US Cellular, which is a mobile network operator, has suffered a data breach after threat actors gained access to its CRM and took control over customer’s account details. As per the complaint that has been filed with the Vermont attorney general’s office, USCellular mentioned that retail store employees were scammed into downloading software onto a computer. 

This software has given permission to the threat actors to gain access to computers remotely, and as the company employee was logged into the customer relationship management (CRM), hackers acquired access to this as well. 

"On January 6, 2021, we detected a data security incident in which unauthorized individuals may have gained access to your wireless customer account and wireless phone number. A few employees in retail stores were successfully scammed by unauthorized individuals and downloaded the software onto a store computer." 

"Since the employee was already logged into the customer retail management ("CRM") system, the downloaded software allowed the unauthorized individual to remotely access the store computer and enter the CRM system under the employee's credentials," states the USCellular data breach notification. 

According to USCellular, the attack has taken place on January 4th, 2021. On the basis of the information given by the USCellular, it is unclear as to how many customers were affected and whether the employees were scammed via a phishing email or some other method has been used. 

While getting access to customers' accounts in the CRM, the malicious actors would have been able to get information including their names, addresses, PIN, cell phone numbers, service plan, and billing/usage statements. 

"As indicated above, your customer account was impacted in this incident. Information your customer account includes your name, address, PIN code, and cellular telephone numbers(s) as well as information about your wireless services including your service plan, usage, and billing statements known as Customer Proprietary Network Information ("CPNI")," the data breach notification further adds.

USCelluar also stated that customers' social security numbers and credit card information were not accessible as they are masked in the CRM; from a deleted data breach notification that was on USCellular's site, the hackers were able to port numbers for affected customers to another carrier. 

"After accessing your account, a wireless number on your account was ported to another carrier by the unauthorized individuals," stated USCellular. After learning about the attack, USCellular has taken the necessary steps to protect the system from further attacks. The measures included isolating the infected computer and resetting the employee's passwords.