According to an article on 9to5Google several Mint Mobile customers found their phones were hijacked and used for two-factor authentication purposes. I guess that’s the answer to “what could someone do with the info from the T-Mobile hack.” Maybe not, but timing is perfecto.
Reading the 9to5 article, it looks like hackers in some cases might have phone numbers together with SIM serial numbers, cloned the phones, and used the devices to second factor authenticate and get into crypto accounts. My bet is there’s another hack somewhere that involves Coinbase (the only one mentioned,) that I haven’t followed, but it looks like one Mint customer is claiming $15K in crypto was transferred out.
People who were cloned had no phone service until a reboot, at which point service was restored. Evidently the hackers did not need to keep their cloned phones on the network having done what they needed quickly.
There’s also a SIM replacement swap it looks like where people are ordering replacement SIMs and getting them through, so this might not be related to the T-Mobile hack, but as Mint Mobile goes over T-Mobile network as an MNVO, timing is everything.
So kids, remember that… really don’t know what to tell you in terms of security at this point other than that it seems text authentication is not as safe an option as we think it is. Also that while Mint was named in this article, we know at least a few MNVOs that go over T-Mobile including Google-Fi (also mentioned as getting hijacked.)
Going to sit and drink a fine Aviation Gin and tonic and wade through this.
I’d suspect we’re going to be hearing a bit more about MNVO vulnerability, but this might just be a coincidence. Seems all this “5G is the future of everything” would have involved some sort of ability to locate clone phones.[9to5Google]