"The personal information of yours that may have been viewed includes the following: phone number, device type, device ID, monthly recurring charges, subscriber ID, account number, account creation date, upgrade eligibility, first and last name, billing address and add-on services," the US telco said.
Sprint said the information hackers had access to did not pose "a substantial risk of fraud or identity theft," although, many might disagree with its assessment.
The company said it re-secured all compromised accounts by resetting PIN codes, three days later, on June 25.
Unknown number of compromised accounts
The Sprint account breach notification lacks a few important details, such as the number of breached accounts, the date when hackers first started accessing Sprint accounts via the Samsung.com website, and if hackers modified any customer account details.
ZDNet reached out to Sprint with all these questions, along with an inquiry of how Sprint discovered the breach in the first place. A spokesperson did not respond in time for this article's publication.
This is the second account breach notification letter Sprint is sending this year. The company also suffered another breach via Boost Mobile, a virtual mobile network and Sprint subsidiary.