T-Mobile has had more data breaches in recent years than I can count or track, and the latest seems to have affected customers who aren’t even their own subscribers. Tonight, Google Fi is sharing information with customers about access to their data, thanks to their “primary network provider” noticing suspicious activity on the system they use.

For those unfamiliar, Google Fi uses the T-Mobile network for most of its connections. In this situation, the “primary network provider” will almost certainly be T-Mobile, and the recent T-Mobile data breach could very well be related to Google Fi accounts.

According to an email that hit Google Fi customer inboxes tonight, Google is telling people that T-Mobile has informed them of “suspicious activity involving a third-party system that contains a limited amount of Google Fi customer data.” This customer data includes “when your account was activated, details of your mobile data plan, SIM card serial number, and active or inactive account status.” does not containname, date of birth, email address, payment card information, social security or tax identification number, driver’s license or other form of government-issued identification, financial account information, passwords or PINs you may use for Google Fi, or the content of any SMS messages or calls“.

Currently, Google Fi says you don’t have to take any action, they just inform you of the situation. They also made it clear that they have confirmed the unauthorized access and are working with T-Mobile to implement measures to protect all of this data.

Here is the full text of the letter:

Dear Google Fi Customer,

We inform you that the main network provider of Google Fi recently reported to us suspicious activity related to a third-party system that contains a limited amount of data about Google Fi clients.

No action is required from you at this time.

This system is used to support Google Fi customers and contains limited data, including your account activation date, your mobile data plan, SIM card serial number, and active or inactive account status.

It does No contain your name, date of birth, email address, payment card information, social security or tax identification number, driver’s license or other form of government-issued identification or financial account information, passwords or PINs that you may use for Google Fi, or the content of any SMS messages or calls.

Our incident response team investigated and determined that there was unauthorized access and worked with our primary network provider to identify and implement measures to protect data on this third party system and notify anyone who may be affected. There was no access to Google systems or any systems controlled by Google.

If you are a heavy Fi user, please note that your Google Fi service continues to operate normally and has not been interrupted due to this issue.

What does this mean for me?

  • The information available included your phone number and limited technical information. This includes information about when your account was activated, your SIM serial number, account status (such as whether your data plan is active or inactive), and limited information about your mobile data plan and options provided by your Google Fi service. (for example, unlimited SMS or international roaming).

For more information

  • As always, be prepared for phishing attempts. To learn more about best practices, check out our tips on how to avoid phishing.
  • Learn more about how to keep your information safe on Google Fi.
  • We are always here for our customers and ready to offer support. If you have any questions or need assistance, please see this Help Center article for contact options and Issue ID 267187948.

Sincerely,

GoogleFi team

If you have problems, they recommend that you contact support.