American Telecommunications Firm, T-Mobile Confirmed Data Breach and Sim Swapping Attacks

 

After an undisclosed number of subscribers were reportedly hit by SIM swap attacks, American telecommunications company T-Mobile has announced a data breach. The organization believes that this malicious conduct has been detected very easily and that it has taken steps to stop it and discourage it from continuing in the future. 

SIM swap attacks (or SIM hijacking) permits scammers who use social engineering or bribing mobile operator workers to a fraudster-controlled SIM to gain a charge of their target telephone number. They then receive messages and calls from victims and enable users to easily bypass multi-factor authentication (MFA) through SMS, steal user identifiers, and take over the victims' Online Service Accounts. Criminals will enter the bank accounts of the victims and take money, swap passwords for their accounts, and even lock the victims out of their own accounts. 

T-Mobile disclosed that an anonymous perpetrator had access to customer account details, including contact information and personal id numbers- in the communication of violation sent to affected consumers on 9 February 2021. As the attackers have been able to port numbers, it is not known whether or not they have been able to access an employee's account by means of the affected account users.

"An unknown actor gained access to certain account information. It appears the actor may then have used this information to port your line to a different carrier without your authorization," T-Mobile said.

 

"T-Mobile identified this activity—terminated the unauthorized access, and implemented measures to protect against reoccurrence".

Client names, emails, e-mail addresses, account numbers, Social Security Numbers (SSN), PINs, questions and responses about account security, date of birth, schedule information, and a number of lines signed up to their accounts may have been used for the information stolen by hackers stated T-Mobile.

 

"T-Mobile quickly identified and terminated the unauthorized activity; however we do recommend that you change your customer account PIN."

Affected customers of T-Mobile are encouraged to update their name, PIN, and security questions and answers. Via 'myTrueIdentity' from Transunion, T-Mobile is providing two years of free surveillance and identity fraud prevention services. Details on how to log on to these systems are given to the recipient of the data breach notice that is sent to the compromised customers. Changing PIN and security concerns, since both have been weakened, should be a top priority at this time.