Mobile telecommunications organization T-mobile has recently reported a data breach incident since an undisclosed number of customers were found to be impacted by SIM swap attacks.
SIM swap attacks:
A SIM Swapping or SIM hijacking attack is a form of account capture fraud. Bad actors initially gather as much data as is accessible to them. These mainly include private phone numbers and email IDs.
When cybercriminals have hoarded enough data, they contact the target’s service providers impersonating the victim. The customer representatives are tricked into believing the victims need to port the number to a SIM card owned by the cybercriminal. Oftentimes, the scammer’s story will be something along the lines that the switch is needed due to the phone being stolen or lost.
Thereafter, the cybercriminals start receiving the victim’s private calls and messages, allowing them to evade the SMS-based multi-factor authentication (MFA). The cybercriminal now has access to user credentials as well as the victim’s private accounts.
The cybercriminals can also access the victims’ bank accounts to poach money, modify passwords, and can also lock the victims out of their own accounts.
T-mobile had also reported the data breach a few weeks ago, disclosing that an unknown cybercriminal has gained unauthorized access to the customer’s account data, which included personal information, and personal identification numbers (PINs).
Thereafter, T-mobile had promptly notified the impacted customers of the data breach incident.
Since the cybercriminals had been able to port numbers, it is still unclear whether they accessed employee account or did it via victimized user accounts.
T-mobile spokesperson has confirmed the data breach incident and had reported that the bad actor had gained unauthorized access to particular account data. It seems that the cybercriminals may have abused the data to port victims’ numbers to different carriers without authorization.
They have also affirmed that they have acknowledged this data breach and have ceased unauthorized access and implemented better cybersecurity measures to protect them against any future cybersecurity incidents.
The data accessed by the cybercriminals may have involved users’ full names, addresses, email IDs, account numbers, social security numbers, account PINs, account security questions and answers, date of birth, plan information, as well as the number of lines connected to their accounts.
The affected T-Mobile users are recommended to modify their personal account’s password, PINs, as well as their security questions and answers.
Multiple data breach incidents:
This is the fifth data breach reported by T-Mobile in the past four years, all of them being reported after cybercriminals gained unauthorized access to user information.
T-Mobile previously suffered data breaches in 2018 when millions of user data were accessed by cybercriminals and in 2019 after exposing prepaid user information.
The year 2020 was reported with the company facing two data breach incidents in the month of March as well as in December when a similar data breach incident struck T-mobile.