• T-Mobile accounts were SIM-swapped on at least 104 occasions in 2022 according to Krebs on Security.
• This means hackers can access the target’s entire digital life including financial and social media accounts.
• The FBI reported 1,611 incidents of SIM swapping in 2021 indicating that this problem is more widespread than it appears.
T-Mobile Accounts Hacked More Than 100 Times
Researchers have reported that T-Mobile accounts were hacked more than 100 times throughout the year of 2022. This type of attack, known as SIM swapping, involves hackers tricking the network provider into switching the account to a SIM under their control. With this, they can access information such as 2 Factor Authentication (2FA) codes and gain access to any connected financial or social media accounts associated with that phone number. In December 2022, Nicholas Truglia was sentenced to 18 months in prison for stealing $23.8 million in crypto via SIM swapping related to one victim alone.
Increase in SIM Swapping Complaints
The FBI has also seen an increase in complaints regarding cases of SIM swapping between January 2018 and December 2020. There were 320 reports during this time period but this skyrocketed to 1,611 incidents just within 2021 alone, indicating that this is a widespread issue across all mobile networks providers.
Three Distinctive Hacker Groups Advertising Access
Security researchers focused on Telegram groups where three distinctive hacker groups advertised access to T-Mobile customer accounts. Researchers logged each time a Telegram post notified channel members about account access and started counting from Dec 31st, 2022 until mid May when 104 incidents had been logged – leaving four and half months of data unaccounted for which could suggest even higher numbers of attacks overall.
How To Counter SIM Swapping?
As many companies are still not prepared for these types of attacks, users should be vigilant about taking measures to protect their data from potential hacks by using strong passwords, two factor authentication codes and other security methods like biometric authentication or hardware tokens instead of SMS based 2FA codes whenever possible. Additionally users should be aware of how their service provider handles suspicious activities around their account such as contact changes or requests for copies of personal identification documents as these might be signs that someone is attempting a takeover or compromise your account security online.
SIM swapping is an industry wide problem and has become increasingly common over the last few years; however there are steps users can take to protect themselves from becoming victims of such attacks like regularly changing passwords or opting out from SMS based two factor authentication codes wherever possible while staying aware if any suspicious activity surrounding their accounts occur so they can act quickly before it’s too late