CNET Deal Days are here Facebook reportedly plans to rename itself Pixel 6 event recap Apple event recap Maid to dethrone The Queen's Gambit Marvel's Eternals: Surprise cameo

Sprint customer accounts breached by hackers

The breach happened by way of a Samsung web page.

A Sprint store logo seen in Los Angeles, California

Sprint customer accounts were breached via a Samsung web page.

Ronen Tivony/SOPA Images/LightRocket via Getty Images

Sprint has confirmed a data breach, telling customers that hackers broke into their accounts through a Samsung website. The number of customer accounts breached isn't yet known, CNET sister site ZDNet reported Tuesday.

The hack occurred June 22, Sprint told its customers in a letter, and included details like first and last name, billing address, phone number, subscriber ID, account number, device type, device ID, monthly charges, account creation date, upgrade eligibility and any add-on services. It occurred via the Samsung "add a line" website. 

"No other information that could create a substantial risk of fraud or identity theft was acquired," Sprint said. The carrier added it has "taken appropriate action" to secure all accounts, and hasn't found any fraudulent activity resulting from the breach.

Now playing: Watch this: Putting Sprint's 5G to the test on the LG V50

Sprint said it notified customers on June 25 of a PIN reset "just in case" their PIN had been compromised. In, Sprint was also breached via its Boost Mobile prepaid subsidiary -- it said hackers used Boost phone numbers and PIN codes to gain access to Sprint accounts.

"Information such as customers' account Personal Identification Numbers (PINs) may have been compromised, however credit card and social security numbers are encrypted and were not compromised," Sprint told CNET in an emailed statement.

A Samsung spokesperson told CNET the company takes security very seriously.

"We recently detected fraudulent attempts to access Sprint user account information via, using Sprint login credentials that were not obtained from Samsung," the spokesperson said in an emailed statement. "We deployed measures to prevent further attempts of this kind on and no Samsung user account information was accessed as part of these attempts."