Boost Mobile, a virtual mobile network owned by Sprint, has confirmed hackers have broken into an unknown number of customer accounts. “Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” said the notification. “The Boost Mobile fraud team discovered the incident and was able to implement a permanent solution to prevent similar unauthorized account activity.” A Sprint spokesperson didn’t say how many customers are affected, but said Boost “was the target of a security data breach.” “The Boost IT team identified unusual activity on a page of the Boost.com website, blocked access and not long after implemented a permanent solution,” said the spokesperson. The hackers used those phone numbers and account PINs to break into customer accounts using the company’s website Boost.com, said the notification. Hackers can automate account logins using lists of exposed usernames and passwords — or in this case phone numbers and PIN codes — in what’s known as a credential stuffing attack.