US customers of T-Mobile have fallen victim to SIM Swapping. The telecom company does not want to say how many customers have been affected by this. However, the provider does say that employees have prevented worse by intervening quickly.
This is what you need to know about SIM Swapping
With SIM Swapping, cybercriminals manage to convince telecom companies to transfer a 06 number to another SIM card. They pose as a victim whose SIM card has been broken or stolen. For mobile internet and to be able to make calls, they ask an employee to transfer their telephone number to another SIM card, which they have purchased in advance.
Providers don’t just do this. They first try to establish the identity of the caller. To do this, they ask a number of verification questions, such as what their zip code is, or what the last three digits of their bank account are. Scammers try to collect such information in advance, for example by studying their victim’s social media or buying personal data stolen on the dark web. If the answers to the verification questions are correct, the mobile number will be activated on another SIM card.
Once the scammers take control of a phone number, they can do all sorts of nasty things with it. They can then take over your online accounts such as social media and payment services, bypass two-step verification or commit WhatsApp fraud. Every year dozens of people in our country are victims of SIM Swapping. This often makes them several thousand euros lighter.
‘Small number of customers’ suffer from SIM Swapping
In the US, T-Mobile customers have fallen victim to SIM Swapping. According to a spokesperson, this concerns ‘a small number’ of customers, BleepingComputer reports. He would not say exactly how many people are involved. He confirms that all victims have been informed that scammers have transferred their 06 number to another SIM card, or that they have seen a small number of account details.
“Unfortunately, we see unauthorized SIM Swaps across the industry. However, this issue was quickly corrected by our team using our existing security measures. We have also proactively taken additional protective measures on behalf of the victims,” the spokesperson said. He declined to give more details about the incident.
The news about these SIM Swapping practices follows closely on the news of a new data breach. The blog The T-Mo Report reported earlier this week that data from T-Mobile customers are once again on the street. Internal documents from the provider would show that the calling behaviour and call history of customers would have been leaked. The T-Mobile spokesperson cannot confirm reporting about this.
Hacker steals personal data from tens of millions of T-Mobile customers
This is not the first data breach that T-Mobile has been confronted with this year. In August, a hacker managed to infiltrate the provider’s corporate network via an unsecured router. This allowed him to copy names, residential addresses, copies of IDs, social security numbers, IMEI and IMSI numbers for a week. In total, he managed to steal the personal data of 54.8 million (former) customers.
T-Mobile CEO Mike Sievert tried to minimize the damage but failed. Shortly after the data breach, two mass claims were filed against the telecom company. In addition to compensation, the victims’ lawyers demanded that T-Mobile increase the security of its systems.
“T-Mobile knew its systems were vulnerable to attacks. However, it failed to implement and maintain reasonable security procedures and practices appropriate to the nature of the information to protect its customers’ personal data. As a result, millions of customers are once again at high risk of fraud and identity theft. Customers expected and deserved better from the country’s second-largest provider,” said one of the indictments.
Catch up on more articles here
Follow us on Twitter here