Sprint's customer notification (shared by ZDNet) stated that "recently detected fraudulent attempts to access Sprint user account information via Samsung.com, using Sprint login credentials that were not obtained from Samsung." According to a company spokesperson the exposed customer data does not pose "a substantial risk of fraud or identity theft. Phishing attacks succeed when they're believable and the hacked Sprint data would allow hackers to create some very believable emails to target potential victims. The data included customer account and phone numbers, account creation dates, Sprint subscriber IDs, device type, unique device IDs, and upgrade eligibility. No Samsung user data was exposed in the attack.

Source: Forbes July 17, 2019 12:11 UTC