News Heading - 1

Mint Mobile Confirms Security Breach After User Data Compromised

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Mint Mobile disclosed a recent data breach incident wherein unauthorized threat actors accessed personal information of its users, which can result in potential SIM swap attacks.

Mint Mobile, US-based mobile virtual network operator (MVNO) that offers low cost, pre-paid plans. In March 2023, it was acquired by the US-based T-Mobile for $1.35 billion.

On December 22, the company started sending email notices to its users about the security breach. Titled, ‘‘ Important information regarding your account ,’’ the email notified impacted customers that a hacker had stolen certain information related to their account.

“We are writing to inform you about a security incident we recently identified in which an unauthorized actor obtained some limited types of customer information,’’ the email notice read. ‘’Our investigation indicates that certain information associated with your account was impacted,’’ it continued.

The exposed customer information includes, customer name, telephone number, email address, SIM serial number and IMEI number (a device identifier similar to a serial number), and a brief detail about the purchased service plan.

Mint assured its customers that they had already resolved the issue and had partnered with third-party security experts to mitigate the threat and prevent occurrence of similar incidents in the future.

The company said that there was no need for the impacted customers to take any action to secure their accounts. In case of any questions, they were directed to contact the given customer support number (949-704-1162).

In a public post, a Mint moderator on Reddit informed users about the email notice and customer support number. ‘’If you received a notice via email from no-reply@account.mintmobile.com on December 22, 2023, it is from Mint and is not a scam. The Customer Care number was setup to handle specific questions about this communication.’’

Previously, in 2021, the company suffered a data breach wherein a small number of users phone numbers were ported to another carrier, by an unauthorized threat actor.

News Heading - 2

ESO Solutions’ Data Breach Impacts 2.7 Million Individuals

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Austin-based software services provider for healthcare companies and fire departments, in a public notice revealed that data belonging to nearly 3 million patients has been compromised in a security-related incident.

According to the notice , the incident was first detected by ESO on September 28, 2023, which resulted in data exfiltration before the hackers encrypted a number of its system. Upon discovery, ESO Solutions immediately isolated the impacted system, deployed additional security measures, and partnered with third-party forensic experts to gauge the impact and scale of the incident.

During the ongoing investigation, it discovered that a system containing sensitive information of patients had been breached. ‘’On October 23, 2023, ESO determined that personal and patient health information was located on one of its impacted systems,’’ the notice revealed. It is said to affect individuals registered with its customers, i.e., hospitals and clinics in the US.

The stolen information included, ‘’names, dates of birth, injury type and date, treatment type and date, procedure information, and, in some cases, Social Security Numbers.’’

The security-incident was reported to the concerned Federal authorities, including the FBI. All the impacted customers were first notified on December 12, and some of the affected healthcare facilities sent our individual breach notices to patients.

In addition to securing and restoring its systems and operations ‘’via viable backups,’’ ESO will be offering a 12-month identity monitoring service coverage to all impacted individuals.

Although the full list of hospitals and facilities impacted was not disclosed by the organizations; the notice filed with the Office of the Maine Attorney General revealed the following names:

  • Mississippi Baptist Medical Center
  • Memorial Hospital at Gulfport Health System
  • Merit Health River Oaks
  • Forrest General Hospital
  • Alaska Regional Hospital
  • ESO EMS Agency
  • Providence Kodiak Island Medical Center
  • Ascension Providence Hospital in Waco
  • Manatee Memorial Hospital
  • Desert View Hospital
  • CaroMont Health

In recent days, several prominent healthcare facilities, particularly in the US, have been victims of ransomware attacks, like Norton Healthcare, Ardent Health Services, among others.