DM来た！「Google Fi」不正アクセス発生報告

Google が主に米国で展開している MVNO サービス「Google Fi」は 2023 年 1 月 30 日（月）、不正アクセスの発生を報告 DM を顧客に対して送信しました。

私も「Google Fi」ユーザーということで、該当の DM が送られてきています。そのざっくりとした内容は、「Google Fi」主要ネットワークプロバイダー（T-Mobile）が不正アクセスによる顧客データへの不審な動きを検知したという内容。

DM では、現時点では特別な対応は不要ということを前提としていますが、そのデータ流出の可能性と、今後の Google による不正アクセスの特定とデータ保護実施の影響を受ける可能性について説明が行われています。とはいえ、流出した可能性のあるデータは、「Google Fi」を有効化した時期、契約中プラン、SIM シリアルナンバー、アカウントの有効化状況などの限られたもので、アカウント名や氏名、メールアドレス、パスワード、生年月日、支払情報、通話履歴、SMS 履歴などのアカウントに紐づく個人情報の流出はない模様。知られたところで、特に問題のないデータです。

ただやはり、Google や T-Mobile による強固なセキュリティがかいくぐられて不正アクセスされてしまったという事実には変わりありません。とりあえず、Google による今後の改めての報告を待ちます。

Dear Google Fi customer,

We’re writing to let you know that the primary network provider for Google Fi recently informed us there has been suspicious activity relating to a third party system that contains a limited amount of Google Fi customer data.

There is no action required by you at this time.

This system is used for Google Fi customer support purposes and contains limited data including when your account was activated, data about your mobile service plan, SIM card serial number, and active or inactive account status.

It does not contain your name, date of birth, email address, payment card information, social security number or tax IDs, driver’s license or other form of government ID, or financial account information, passwords or PINs that you may use for Google Fi, or the contents of any SMS messages or calls.

Our incident response team undertook an investigation and determined that unauthorized access occurred and have worked with our primary network provider to identify and implement measures to secure the data on that third party system and notify everyone potentially impacted. There was no access to Google’s systems or any systems overseen by Google.

If you are an active Fi user, please note that your Google Fi service continues to work as usual and was not interrupted by this issue.

What does this mean for me?

• The accessed information included your phone number and limited technical information. This includes information about when your account was activated, SIM card serial number, account status (for example, whether your plan is active or inactive), and limited details about the mobile service plan and options provided by your Google Fi service (such as unlimited SMS or international roaming).

For more information

• As always, be alert for phishing attempts. For more about best practices, see our advice on how to avoid phishing.
• Read more about keeping your Google Fi information safe.
• We’re always here for our customers and available to offer support. If you have any questions or require assistance, please see this Help Center article for contact options and reference issue ID 267187948.

Sincerely,

Google Fi Team

Source：Google Fi