Every time that there is a leak like this it’s infinitely aggravating how the spin department tries to downplay what happened. If you are using SMS based MFA you probably want to stop doing that now.

  • squirmy_wormy@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    11 months ago

    Isn’t the bulleted list the stuff that was lost? They say “we don’t have govt id stuff so that can’t be stolen, the CC info wasn’t affected, here’s the info that was potentially hit”

    This seems like a great email to get. They know what subsystem was hit and are telling people.

    • cybervseas@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      11 months ago

      I don’t think people understand the impact of IMEI and SIM serial being compromised. I’m not sure I fully do, either. This feels like when a mechanic gives you too much technical information that you don’t know how to process.

      • Alto@kbin.social
        link
        fedilink
        arrow-up
        3
        ·
        11 months ago

        People really, really hate clicking past the post, even if it’s just to a screenshot.

        Heaven forbid its an article

    • FuglyDuck@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      11 months ago

      To clarify for people wondering, SIM and IMEI information is how the system knows your phone is… your phone.

      Cloning it is supposed to be hard, but with it, they can receive 2FA messages like “Is This You? Text Y back!”.

      It’s actually super easy, if they have enough information, to convince a carrier’s customer service that they are you (remember… never work the system when you can work the people who manage it.)