T-Mobile’s Recent Data Breach Was Related to SIM Swap Attacks

by -375 views

Yesterday, T-Mobile reportedly detected unauthorized activity on some customer accounts. The carrier has now confirmed that “a very small number of customers” were indeed affected by SIM swap attacks, which triggered those unauthorized activity reports.

T-Mobile said information technology had informed the affected customers that they were victims of SIM swap attacks. A SIM swap assault, also called simjacking, SIM splitting, or Smishing, is a method to hijack peoples’ mobile phone numbers. In this case, T-Mobile employees were reportedly tricked or bribed into reassigning the victims’ telephone numbers to SIM cards controlled by the attackers. In a statement to
BleepingComputer, T-Mobile said:

“Nosotros informed a very minor number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed.

Unauthorized SIM swaps are unfortunately a mutual industry-broad occurrence, withal this event was quickly corrected by our team, using our in-place safeguards, and we proactively took additional protective measures on their behalf.”

SIM swap attacks requite the bad actors complete control of your phone number. Then, any service that sends you lot login, verification, or reset codes via SMS and MMS tin be taken over past the attackers. This ways that the set on can be used to steal credentials, take over social media accounts, and even steal coin from bank accounts. Such attacks are usually used to target cryptocurrency investors and adopters. Following a spike in the number of cases, the FBI even shared pointers to help defend against such attacks.

T-Mobile reportedly said it had dodged the bullet and corrected the underlying issue. However, information technology did not reveal how many customer accounts were compromised and how the bad actors executed the SIM swap attacks.

This is the 7th data alienation that the carrier has disclosed since 2022. Information technology is remarkably similar to another SIM swap assault in Feb 2022, when hackers targeted as many as 400 customers using an internal T-Mobile application to execute the assail.

Co-ordinate to the FBI, y’all can stay protected from such SIM swap attacks by post-obit these tips:

  • Don’t leave personal data such as social security numbers and cryptocurrency keys in your email account. Also, avoid posting your phone number and like details online.
  • Avoid posting details most your financial assets on social media.
  • Request your carrier (like T-Mobile) to place a Pivot on your account that prevents unauthorized changes.
  • Asking your carrier to append a note to your account, and so any changes to it would take to be fabricated in person.
  • Avoid reusing passwords across multiple accounts.
  • Prefer using an app like Google Smart Lock for iOS or Google Authenticator instead of relying on SMS verification codes when you fix ii-gene authentication on any online account.

If you know of any other ways to stay safety from SIM swap attacks, share them with us in the comments section below!

[Via BleepingComputer]

Source: https://www.iphonehacks.com/2021/12/t-mobiles-recent-data-breach-related-sim-swap-attacks.html

Posted by: Sadiyev.com