In a recent article reported by Telcom Tech News, current and former T-Mobile employees are receiving offers to help with sim swapping scams via text and are offered up to $300 a swap.
Workers are being contacted with offers of monetary compensation in exchange for their cooperation in swapping SIM cards, a request facilitated through a prompt to communicate further on the encrypted Telegram messaging app.
These unsolicited texts assert that the sender has obtained the recipient’s contact details from the “T-Mo employee directory,” signaling a significant breach of confidential information
There is speculation surrounding the origin of this data, particularly whether it is being continually accessed or if it was obtained from a previous security breach. The fact that some of the affected individuals are no longer employed with T-Mobile, having left the company months ago, suggests that the compromised information could be somewhat dated.
Yet another reminder to enable sim-swapping protections. You can do so by following the guide for your carrier: T-Mobile | Verizon | AT&T
Update: In a statement to Android Authority, T-Mobile denied that there was a data breach, saying:
We did not have a systems breach. We continue to investigate these messages that are being sent to solicit illegal activity. We understand other wireless providers have reported similar messages.
I swear, all the major carriers just have data breach after data breach. The best example of this is AT&T, who just two weeks ago altered customers that 73 million account records were leaked, many containing extremely sensitive information like full names, emails, addresses, phone numbers, dates of birth, account numbers, social security numbers and passcodes (PINs).
Actually true though, how is this news? We’ve known SIM swapping attacks have been a thing for many, many years. How did people think it was happening? Obviously carrier employees are being paid off
The number of people I know who believe that phone number based authentication is secure is staggering. It’s an awful system, arguably worse than the ones that came before it.
I would avoid T-mobile. They added a bunch of stuff to my bill that I didn’t approve of. And when I caught it and complained, their response was less than appropriate. I could barely get them to refund the stuff that I knew they flat out ripped me off on. I would post some of my evidence here, but I’m trying to be as anonymous as possible. Which I have slowly found out the only way to do that, is to stay off the internet entirely.
