Sadly, it’s all too common for consumers to receive notices of “unusual account activity” these days. Yes, service providers might send out these letters after learning of a data breach that affected a large portion of their customer base. But sprawling security incidents aren’t the only motivation here for issuing these types of notifications. Indeed, you might receive such a letter of disclosure following a much more small-scale, even personal, security event.

I recently experienced this first hand.

DevOps Experience

An Intriguing Letter from my cellular provider

This past week, I received a letter in the mail from my provider. In its notice, customer service warned me of “unusual account activity” associated with my online account. “Unusual account activity” is not something that anyone wants to hear. More than that, it’s a phrase that tends to raise red flags among savvy users these days, as it’s a common lure employed by phishers and other digital attackers.

That being said, I was still intrigued as to what this could possibly be. So I kept reading. Here’s a copy of the notice I received:

By the time I finished reading the notice, the carrier had my full attention. Someone had possibly stolen my username and password for my account. But how? Even more concerningly, had they managed to do anything with my account?

I turned to Google to see if I had perhaps missed any security announcements or anything else along those lines, but I came up empty for anything current. That’s when I decided to reach out to customer service. Fortunately, I was able to get some information.

The support rep with whom I spoke told me that someone had gone into a one of the carriers many retail locations on June 26th and had attempted to access my account. This representative (Read more...)