T-Mobile discloses data breach after SIM swapping attacks

T-Mobile discloses data breach after SIM swapping attacks


Image: Mika Baumeister


American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks.


SIM swap fraud (or SIM hijacking) allows scammers to take control of targets' phone numbers after porting them using social engineering or after bribing mobile operator employees to a SIM controlled by the fraudsters.


Subsequently, they receive the victims' messages and calls which allows for easily bypassing SMS-based multi-factor authentication (MFA), stealing user credentials, as well taking over the victims' online service accounts.


The criminals can then log into the victims' bank accounts to steal money, change account passwords, and even locking the victims out of their own accounts.


The FBI shared guidance on how to defend against SIM swapping following an increase in the number of SIM hijacking attacks targeting cryptocurrency adopters and investors.


Undisclosed number of SIM swap attacks


In a data breach notice sent to impacted customers on February 9, 2021, and filed with US attorney generals' offices, T-Mobile revealed that an unknown attacker gained access to customers' account information, including personal info and personal identification numbers (PINs).


As the attackers were able to port numbers, it is not clear if they gained access to an employee's account or did it through the compromised users' accounts.


A T-Mobile spokesperson was not available for comment when contacted by BleepingComputer earlier today.


"[A]n unknown actor gained access to certain ..