Find out what we’ve learned, how we’re responding, and how we’re working to keep your personal data safe.
What happened
We learned that Cricket customer data was illegally downloaded from our workspace on a third-party cloud-based application. We have confirmed the affected access point has been secured.
Our investigation found that the downloaded data included phone call and text message records of nearly all of Cricket customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023. These records identify other phone numbers that a Cricket wireless number interacted with during this time. For a subset of the records, one or more cell site ID numbers associated with the interactions are also included.
We continue to work with law enforcement in their efforts to arrest those involved, we understand that at least one person has been apprehended.
Data that was involved
The call and text records identify the phone numbers with which a Cricket number interacted during this period. It also included counts of those calls or texts and total call durations for specific days or months. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included.
We’ll notify current and former customers if their information was involved.
Data that wasn’t involved
The downloaded data doesn’t include the content of any calls or texts. It doesn’t have the time stamps of calls or texts.
While the data doesn’t include customer names, there are often ways to find a name associated with a phone number using publicly available online tools.
What we are doing
Protecting your data is one of our top priorities. We have confirmed the access point has been secured.
We hold ourselves to a high standard and commit to delivering the experience that you deserve. We constantly evaluate and enhance our security to address changing cybersecurity threats and work to create a secure environment for you. We invest in our network’s security using a broad array of resources including people, capital, and innovative technology advancements.
Frequently Asked Questions
- Only open text messages from people that you know and trust.
- Don’t reply to a text from an unknown sender with personal details.
- Go directly to a company’s website. Don’t use links included in a text message. Scammers can build fake websites using forged company logos, signatures, and styles.
- Make sure a website is secure by looking for the “s” after the http in the address. You can also look for a lock icon at the bottom of a webpage.
- Reminder: To help protect yourself from online fraud, you should always remain cautious of email or text requests asking for personal, account, or credit card information. You can find tips and information on how to identify fraud and cyber threats here.
- Suspicious text activity: Do not reply. Learn how to forward the text to Cricket so we can assist you. Forwarded messages are free and won’t count toward your text plan.
- You are a target of fraud on your Cricket wireless number: Call our customer service number for help.
Cricket customers who received a direct mail notice
Submit a data request
Cricket customers who received a SMS notice
Please submit a legal demand subpoena to our registered agent - CT Corp for handling and processing. You can look up service address information for CT Corp. at: Service of Process Locations | Wolters Kluwer. Once this is complete, your request will be handled.
Have additional questions?
Contact us at 1-800-CRICKET (274-2538)