Google informs Fi subscribers that they’ve been caught up in the recent T-Mobile data breach

As a Google Fi user who’s been subscribed since the very beginning of the service’s life, it hits me hard to hear news like I have to deliver today. Fi has pretty much always done right by me, been reliable, and has been the easiest one to use amongst its competitor’s thanks to the simple and straightforward app.

Today, we learned that the T-Mobile data breach that occurred a few weeks ago included Google Fi customer data. For those who aren’t aware, Fi utilizes three separate service providers – T-Mobile, Sprint, and U.S. Cellular. Technically, it’s two since the Sprint and T-Mobile merger was finalized back in 2020, but still. This helps users have the best signal by being dynamically placed on the best service tower based on their location and such.

Anyway, Google sent out an email to Fi customers today revealing that it was caught up in the aforementioned data breach, and by extension, so were you and I. What was stolen consisted of no personally identifiable information like your name, email address, credit or debit card information, government ID, or password.

Instead, the hackers have nabbed your data plan information, SIM card serial number, and account status (active or inactive). While it’s not ideal that anything was stolen, as these can easily be used to target users for phishing attempts via spammy phone calls and email campaigns, it’s certainly good to hear that the super private info was kept safe.

Dear Google Fi customer,

We’re writing to let you know that the primary network provider for Google Fi recently informed us there has been suspicious activity relating to a third party system that contains a limited amount of Google Fi customer data.

There is no action required by you at this time.

This system is used for Google Fi customer support purposes and contains limited data including when your account was activated, data about your mobile service plan, SIM card serial number, and active or inactive account status.

It does not contain your name, date of birth, email address, payment card information, social security number or tax IDs, driver’s license or other form of government ID, or financial account information, passwords or PINs that you may use for Google Fi, or the contents of any SMS messages or calls.

Our incident response team undertook an investigation and determined that unauthorized access occurred and have worked with our primary network provider to identify and implement measures to secure the data on that third party system and notify everyone potentially impacted. There was no access to Google’s systems or any systems overseen by Google.

If you are an active Fi user, please note that your Google Fi service continues to work as usual and was not interrupted by this issue.

What does this mean for me?

The accessed information included your phone number and limited technical information. This includes information about when your account was activated, SIM card serial number, account status (for example, whether your plan is active or inactive), and limited details about the mobile service plan and options provided by your Google Fi service (such as unlimited SMS or international roaming).

Contents of the email Google sent out today

At this time, Google has not stated whether all or just a handful of Fi subscribers were affected, but it has been clear that none of its servers or any servers it oversees have been touched by the bad actors. Does this make you want to switch away from T-Mobile? Does it make you think twice about using Google Fi for your phone service? Let’s discuss this in the comments, and know that if any further information comes to light regarding this data breach, we will inform you right away!