Risky Bulletin Newsletter
February 01, 2023
Risky Biz News: Google discloses breach of its Fi cell service
Presented by

News Editor
Google did not name the upstream operator by name, but its Fi service uses only two upstream providers, namely T-Mobile and US Cellular, and T-Mobile disclosed a security breach to the SEC earlier this month—so connecting the dots is definitely not rocket science.
While Google told customers they should be wary of possible phishing emails trying to leverage this incident, at least one Reddit user says the email they received from Google Fi also included an additional line notifying them that their Fi service was changed to a new SIM card as part of what looks like a SIM swapping incident. However, this scenario is currently being called into question as, per Google's email, the supposed stolen data would not have been enough to perform a SIM-swapping attack.
GitHub breach: GitHub says that a threat actor breached internal source code repositories and stole two code-signing certificates. The breach took place last year on December 7. GitHub says the certificates were encrypted and password-protected, and as a result, they haven't seen any sign they were misused in the wild. Furthermore, both certificates were about to expire in January and February this year and will become useless to the intruder either way. The breached repositories contained the source code of the GitHub Desktop app and the GitHub Atom code editor. GitHub's security team says it did not find any unauthorized edits to the code, and both apps remain safe to use.