T-Mobile’s latest data breach exposed users to SIM swapping attacks

T-Mobile is the only telecom giant to suffer at least three known data breaches in 2021.

Another day, another data breach at T-Mobile – This time, the Bellevue, Washington-based telecom giant has acknowledged suffering a cyberattack in which the personal information of “a very small number of customers” was accessed by unknown attackers.

What happened?

According to internal documents seen by T-Mo, the exposed information which included account number, name, phone number, and package details, etc. was accessible through the company’s customer proprietary network information (CPNI) and allowed attackers to carry out sim swapping attacks against unsuspected customers.

What is SIM Swapping?

For your information, SIM swapping is also known as SIM Hijacking. It is a kind of identity theft in which an attacker manages to create a new SIM card of any number fraudulently and use it for personal gains, without the knowledge or consent of the original user of the phone number.

To get the duplicate SIM card, the attacker usually calls the telecom firm and convinces their customer support service for being the actual owner of the phone number by providing the target’s personal information. Thus, the telecom firm ports the phone number to a new SIM card

Read More: https://www.hackread.com/t-mobile-data-breach-sim-swapping-attacks/