T-Mobile confirmed that the recent report about a new data breach was related to the company’s notifications sent to very few customers who became victims of SIM card exchange attacks. A T-Mobile spokesperson said: We have notified a very small number of customers that the SIM card assigned to the mobile phone number on their account may have been illegally reassigned, or limited account information may have been viewed.
Unfortunately, unauthorized SIM card exchanges are common throughout the industry, but our team quickly corrected this problem with the safeguards that had been prepared before, and proactively took extra protection for them. When asked to provide more information about the total number of affected customers and how the attackers successfully implemented the SIM card swap attack, T-Mobile declined to provide more details.
A spokesperson for the company said: We will not provide any additional information at this time. Thank you!
SIM card exchange (also known as SIM card hijacking) makes it possible for an attacker to deceive or bribe the operator’s employees to reallocate the number to the SIM card controlled by the attacker, thereby controlling the target’s mobile phone number.
T-Mobile is taking immediate steps to help protect all individuals who may be at risk from this cyberattack. If you have any questions, send us a DM and we can discuss steps to increase your account security. ^KenStone
— T-Mobile Help (@TMobileHelp) December 28, 2021
This allows the attacker to control the victim’s phone number and use it to bypass SMS-based multi-factor authentication (MFA), steal the victim’s credentials, log in to his bank account to steal funds, or hijack it by changing the password Its online account.
Therefore, all T-Mobile customers should be alert to any suspicious text messages or emails pretending to be from T-Mobile and do not click to open the received link to prevent attacks.
In the past 4 years, T-Mobile has exposed multiple data breaches, including a very similar incident that occurred in February 2021. At that time, the attackers used the internal T-Mobile application and used SIM swaps to attack more. Up to 400 users.
Since 2018, T-Mobile has exposed a total of 6 data breaches:
- In 2018, the information of millions of T-Mobile customers was stolen by hackers;
- In 2019, data leakage of T-Mobile prepaid customers;
- In March 2020, hackers broke into the email accounts of T-Mobile employees;
- In December 2020, customer proprietary network information (including phone numbers and call records, etc.) was stolen by hackers;
- In February 2021, hackers used SIM swaps to attack hundreds of users after gaining access to the internal T-Mobile application;
- In August 2021, the attacker forcibly broke into T-Mobile’s network after gaining access to the test environment.
As the number of SIM hijacking attacks against cryptocurrency investors and adopters continues to increase, the Federal Bureau of Investigation (FBI) has issued guidelines to prevent SIM hijacking attacks. In addition, the US Federal Trade Commission (FTC) has also released relevant information to guide users to protect personal information on mobile phones and online personal information.