T-Mobile (NASDAQ: TMUS) and Verizon (NYSE: VZ) employees across the U.S. are being approached in a large-scale attempt to swap SIMs for money, known as SIM hijacking, according to multiple Reddit posts, The Mobile Report, and 9to5Mac.
“According to initial investigations, individuals posing as customers or representatives of third-party entities have allegedly contacted employees of these companies, offering substantial sums of money in exchange for facilitating SIM swaps,” Lithium Networks, a cybersecurity concern, wrote on Medium.
SIM swapping involves transferring a user’s phone number from one SIM card to another with the intent to gain access to their financial accounts and personal data.
“The scheme … underscores the vulnerabilities inherent in the telecommunications industry and the potential for insider threats,” Lithium wrote. The implication of SIM swapping is far-reaching, according to the cybersecurity firm, because it can allow bad actors to bypass two-factor authentication measures, intercept sensitive communications, and assume control over digital accounts.
“The involvement of employees from within T-Mobile and Verizon raises questions about internal security protocols and the safeguarding of customer information,” Lithium wrote. “Companies within the telecommunications sector must prioritize the implementation of robust security measures, stringent authentication procedures, and employee training programs to mitigate the risk of insider threats and external attacks.” T-Mobile and Verizon have reportedly pledged to cooperate fully with law enforcement agencies.
By J. Sharpe Smith, Inside Towers Technology Editor
Reader Interactions