Data breaches are commonplace in the world of hacking, but SIM hijacking is less familiar outside of the telecoms industry. SIM cards, of course, are used in mobile phones to identify users to networks and allow them to make calls. These SIM cards are highly secure given the amount of data they contain and the finances associated with them e.g. contracts. And mobile phones are now a crucial part of any modern business for communications to run smoothly. Accordingly, protecting SIM cards for organizations should be a major concern.
But what is SIM hijacking? And what can you do to protect your SIM cards?
The T-Mobile Breach
In what is the fourth such attack in 18 months, around 48 million customers – many of them former customers – have been affected by the latest T-Mobile breach. Quickly Check If You’re Email Was BreachedThe cause of this breach has not, as of yet, been identified, but the data in question has. Stolen data includes:
- Names
- Social security numbers
- Birthdates
- Driver’s license details
Around 850,000 customers who hold pre-paid accounts have also had their names, phone numbers and account PINs stolen. All of this data is currently being sold online and represents a major security threat to those involved. And, for those whose number has been exposed, there is also the very real risk of falling victim to SIM hijacking.
What is SIM Hijacking?
SIM hijacking is a process where a hacker attempts to obtain control over a mobile phone account by moving the associated number to a new device. This is achieved by contacting a service provider – such as T-Mobile – and adopting a false identity. You may wonder why people want to steal a mobile number. After all, having access to a set of phone numbers isn’t overly exciting for a hacker. But we live in a world where mobile phones are regularly used for two-factor authorization. Therefore, having access to a phone number can open all manner of opportunities to a hacker.
How Do You Prevent SIM Hijacking?
Once a hacker has your phone number there is little you can do to stop them attempting to hijack your SIM. Naturally, the simplest option is to limit the number of times you give out your mobile number. But this is difficult when we live in an age when so many companies request your number for contact purposes. Nonetheless, it is possible to limit the damage by carrying out the following:
- Certain service providers such as T-Mobile and Verizon offer security features which block SIM swaps by either requesting a security PIN or using the existing device to authorize the swap
- Educate yourself on the dangers of social engineering as these techniques can easily be employed by hackers to expose security PINs etc
For more ways to secure and optimize your business technology, contact your local IT professionals.